[SERVER-37494] RFE: Ability to change TLS/SSL certificate used by MongoDB without server restart Created: 05/Oct/18  Updated: 06/Oct/18  Resolved: 05/Oct/18

Status: Closed
Project: Core Server
Component/s: Security
Affects Version/s: None
Fix Version/s: None

Type: Improvement Priority: Minor - P4
Reporter: Vaibhaw Pandey Assignee: Nick Brewer
Resolution: Duplicate Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Duplicate
duplicates SERVER-10962 Add support for online (SSL/X.509) se... Closed
Participants:

 Description   

The primary use case here is supporting Let's Encrypt (LE) signed certificates with MongoDB. LE is fast becoming the simplest (and cheapest) way to get proper signed certificates. However their short validity (90 days, see https://letsencrypt.org/2015/11/09/why-90-days.html) is serious issue in adopting them for database servers.

The ability to swap certificates without turning off the MongoDB server completely would be really useful. Wondering what is the MongoDB position/opinion on this.



 Comments   
Comment by Vaibhaw Pandey [ 06/Oct/18 ]

Thanks Nick. Will do.

 

Comment by Nick Brewer [ 05/Oct/18 ]

vaibhaw We currently have a ticket open to track a similar request: SERVER-10962

You can vote for that issue, and follow along with it for updates.

-Nick

Generated at Thu Feb 08 04:46:09 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.