[SERVER-59062] Streamline SSL layer for better X509 infrastructure support Created: 03/Aug/21  Updated: 06/Dec/22  Resolved: 11/Aug/21

Status: Closed
Project: Core Server
Component/s: None
Affects Version/s: None
Fix Version/s: None

Type: Task Priority: Major - P3
Reporter: Sergey Galtsev (Inactive) Assignee: Backlog - Security Team
Resolution: Duplicate Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Issue split
Assigned Teams:
Server Security
Participants:

 Description   

Instead of having separate CA vs CusterCA, we should have a single CA with role separation: e.g.: allow specifying limitations on which CA can be used for what purpose. Specifically, to pin X509 authorization to a specific roots only


Generated at Thu Feb 08 05:46:14 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.