[SERVER-37494] RFE: Ability to change TLS/SSL certificate used by MongoDB without server restart Created: 05/Oct/18 Updated: 06/Oct/18 Resolved: 05/Oct/18 |
|
| Status: | Closed |
| Project: | Core Server |
| Component/s: | Security |
| Affects Version/s: | None |
| Fix Version/s: | None |
| Type: | Improvement | Priority: | Minor - P4 |
| Reporter: | Vaibhaw Pandey | Assignee: | Nick Brewer |
| Resolution: | Duplicate | Votes: | 0 |
| Labels: | None | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Issue Links: |
|
||||||||
| Participants: | |||||||||
| Description |
|
The primary use case here is supporting Let's Encrypt (LE) signed certificates with MongoDB. LE is fast becoming the simplest (and cheapest) way to get proper signed certificates. However their short validity (90 days, see https://letsencrypt.org/2015/11/09/why-90-days.html) is serious issue in adopting them for database servers. The ability to swap certificates without turning off the MongoDB server completely would be really useful. Wondering what is the MongoDB position/opinion on this. |
| Comments |
| Comment by Vaibhaw Pandey [ 06/Oct/18 ] |
|
Thanks Nick. Will do.
|
| Comment by Nick Brewer [ 05/Oct/18 ] |
|
vaibhaw We currently have a ticket open to track a similar request: You can vote for that issue, and follow along with it for updates. -Nick |