[SERVER-27264] With net.ssl.allowConnectionsWithoutCertificates: true, allow disabling no client certificate log warnings Created: 02/Dec/16 Updated: 11/Jul/18 Resolved: 11/Jun/18 |
|
| Status: | Closed |
| Project: | Core Server |
| Component/s: | Logging |
| Affects Version/s: | None |
| Fix Version/s: | 3.4.16, 3.6.6, 4.0.1, 4.1.1 |
| Type: | Improvement | Priority: | Minor - P4 |
| Reporter: | Emilio Scalise | Assignee: | Adam Cooper (Inactive) |
| Resolution: | Done | Votes: | 1 |
| Labels: | neweng, platforms-interns-2017, platforms_security | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Issue Links: |
|
||||||||||||
| Backwards Compatibility: | Fully Compatible | ||||||||||||
| Backport Requested: |
v4.0, v3.6, v3.4
|
||||||||||||
| Participants: | |||||||||||||
| Case: | (copied to CRM) | ||||||||||||
| Description |
|
When net.ssl.allowConnectionsWithoutCertificates: true every client connection using no SSL certificate produces a warning message in the log:
It would be nice if it is possible to suppress those warnings, as SSL connections with no client certificates are enabled explicitly by setting net.ssl.allowConnectionsWithoutCertificates: true. |
| Comments |
| Comment by Githook User [ 11/Jul/18 ] |
|
Author: {'username': 'super-cooper', 'name': 'Adam Cooper', 'email': 'adam.cooper@mongodb.com'}Message: (cherry picked from commit 14eb0afce97b372d0dc4d2a4c41a00318a36b0e2) |
| Comment by Githook User [ 11/Jul/18 ] |
|
Author: {'username': 'super-cooper', 'name': 'Adam Cooper', 'email': 'adam.cooper@mongodb.com'}Message: (cherry picked from commit 14eb0afce97b372d0dc4d2a4c41a00318a36b0e2) |
| Comment by Githook User [ 10/Jul/18 ] |
|
Author: {'username': 'super-cooper', 'name': 'Adam Cooper', 'email': 'adam.cooper@mongodb.com'}Message: (cherry picked from commit 14eb0afce97b372d0dc4d2a4c41a00318a36b0e2) |
| Comment by Githook User [ 11/Jun/18 ] |
|
Author: {'name': 'Adam Cooper', 'email': 'adam.cooper@mongodb.com'}Message: |
| Comment by Mark Benvenuto [ 29/May/18 ] |
|
We will add a new startup only boolean setParameter named "suppressNoTLSPeerCertificateWarning". Default will be false. |