[SERVER-17676] MongoD able to start w/ any valid form certificate w/o validate it against the CA Created: 20/Mar/15  Updated: 20/Mar/15  Resolved: 20/Mar/15

Status: Closed
Project: Core Server
Component/s: Security
Affects Version/s: None
Fix Version/s: None

Type: Bug Priority: Major - P3
Reporter: Eitan Klein Assignee: Unassigned
Resolution: Done Votes: 0
Labels: 28qa
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Backwards Compatibility: Fully Compatible
Operating System: ALL
Participants:

 Description   

MongoD 3.0 GA

Environment:

1) Single Mongod
2) Certificates from an external CA authority (windows 2008), certificates attached

  • newcert4.pem - Certificate and private key
  • CA4.pem - CA auth certificate

Problem:
Start mongod with netcert4.pem works correctly (see command line), but I expected it to work only with --sslCAFile (AS this is not a self-sign certificate)

%MongoD%\mongod --replSet EitanRs3a --port 5002 --dbpath d:\data\db1 --storageEngine wiredTiger -
-logpath d:\data\rs3primary.txt --sslMode requireSSL --sslPEMKeyFile newcert4.pem


Generated at Thu Feb 08 03:45:15 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.