[SERVER-27264] With net.ssl.allowConnectionsWithoutCertificates: true, allow disabling no client certificate log warnings Created: 02/Dec/16  Updated: 11/Jul/18  Resolved: 11/Jun/18

Status: Closed
Project: Core Server
Component/s: Logging
Affects Version/s: None
Fix Version/s: 3.4.16, 3.6.6, 4.0.1, 4.1.1

Type: Improvement Priority: Minor - P4
Reporter: Emilio Scalise Assignee: Adam Cooper (Inactive)
Resolution: Done Votes: 1
Labels: neweng, platforms-interns-2017, platforms_security
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Backports
Documented
is documented by DOCS-11810 Docs for SERVER-27264: With net.ssl.a... Closed
Backwards Compatibility: Fully Compatible
Backport Requested:
v4.0, v3.6, v3.4
Participants:
Case:

 Description   

When net.ssl.allowConnectionsWithoutCertificates: true every client connection using no SSL certificate produces a warning message in the log:

2016-XX-XXTXX:XX:XX.XXX+0000 W NETWORK [connXXXX] no SSL certificate provided by peer

It would be nice if it is possible to suppress those warnings, as SSL connections with no client certificates are enabled explicitly by setting net.ssl.allowConnectionsWithoutCertificates: true.



 Comments   
Comment by Githook User [ 11/Jul/18 ]

Author:

{'username': 'super-cooper', 'name': 'Adam Cooper', 'email': 'adam.cooper@mongodb.com'}

Message: SERVER-27264 Allow disabling no client certificate warning

(cherry picked from commit 14eb0afce97b372d0dc4d2a4c41a00318a36b0e2)
(cherry picked from commit b6f473d3357aba0a0b686d19ad3d2e5b03ceb524)
Branch: v3.4
https://github.com/mongodb/mongo/commit/f3193cc91c22166892ec6d38038418496d57df01

Comment by Githook User [ 11/Jul/18 ]

Author:

{'username': 'super-cooper', 'name': 'Adam Cooper', 'email': 'adam.cooper@mongodb.com'}

Message: SERVER-27264 Allow disabling no client certificate warning

(cherry picked from commit 14eb0afce97b372d0dc4d2a4c41a00318a36b0e2)
Branch: v3.6
https://github.com/mongodb/mongo/commit/8f62430465e79bc38f551437d75ff9bbe0f06ff0

Comment by Githook User [ 10/Jul/18 ]

Author:

{'username': 'super-cooper', 'name': 'Adam Cooper', 'email': 'adam.cooper@mongodb.com'}

Message: SERVER-27264 Allow disabling no client certificate warning

(cherry picked from commit 14eb0afce97b372d0dc4d2a4c41a00318a36b0e2)
Branch: v4.0
https://github.com/mongodb/mongo/commit/56d0fa54da38a40d96361df39967e48a9d26df78

Comment by Githook User [ 11/Jun/18 ]

Author:

{'name': 'Adam Cooper', 'email': 'adam.cooper@mongodb.com'}

Message: SERVER-27264 Allow disabling no client certificate warning
Branch: master
https://github.com/mongodb/mongo/commit/14eb0afce97b372d0dc4d2a4c41a00318a36b0e2

Comment by Mark Benvenuto [ 29/May/18 ]

We will add a new startup only boolean setParameter named "suppressNoTLSPeerCertificateWarning". Default will be false.

Generated at Thu Feb 08 04:14:40 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.