[SERVER-58851] Add custom certificate validation for Windows LDAP connections
Created: 26/Jul/21
Updated: 06/Dec/22

Status: Backlog
Project: Core Server
Component/s: None
Affects Version/s: None
Fix Version/s: None

Type: Task
Priority: Major - P3
Reporter: Mark Benvenuto
Assignee: Backlog - Security Team
Resolution: Unresolved
Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Depends: is depended on by SERVER-59049 Add support for round robin DNS A rec... (Backlog)
Assigned Teams: Server Security
Participants:

Description

Windows provides an option to configure how the server certificate is verified via LDAP_OPT_SERVER_CERTIFICATE. A callback hook will be set to call the existing SSLManagerWindows::parseAndValidatePeerCertificate. The Windows LDAP code will create an instance of SSLManagerWindows for its private use to load all the necessary certs and initialize all the structures to support building certificate chains.

