[SERVER-7202] SSL/TLS certificate validation support Created: 28/Sep/12 Updated: 19/Mar/13 Resolved: 17/Dec/12 |
|
| Status: | Closed |
| Project: | Core Server |
| Component/s: | Security |
| Affects Version/s: | None |
| Fix Version/s: | 2.3.2 |
| Type: | Improvement | Priority: | Major - P3 |
| Reporter: | Eric Milkie | Assignee: | Eric Milkie |
| Resolution: | Done | Votes: | 0 |
| Labels: | None | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Issue Links: |
|
||||||||||||||||
| Participants: | |||||||||||||||||
| Description |
|
Master issue for implementing TLS certificate validation support |
| Comments |
| Comment by auto [ 13/Jan/13 ] |
|
Author: {u'date': u'2013-01-13T17:04:37Z', u'email': u'milkie@10gen.com', u'name': u'Eric Milkie'}Message: |
| Comment by auto [ 14/Dec/12 ] |
|
Author: {u'date': u'2012-12-14T16:24:36Z', u'email': u'milkie@10gen.com', u'name': u'Eric Milkie'}Message: |
| Comment by auto [ 14/Dec/12 ] |
|
Author: {u'date': u'2012-12-13T21:42:11Z', u'email': u'milkie@10gen.com', u'name': u'Eric Milkie'}Message: |
| Comment by auto [ 14/Dec/12 ] |
|
Author: {u'date': u'2012-12-13T21:03:10Z', u'email': u'milkie@10gen.com', u'name': u'Eric Milkie'}Message: |
| Comment by auto [ 14/Dec/12 ] |
|
Author: {u'date': u'2012-12-13T15:59:16Z', u'email': u'milkie@10gen.com', u'name': u'Eric Milkie'}Message: |
| Comment by auto [ 12/Dec/12 ] |
|
Author: {u'date': u'2012-12-12T15:58:23Z', u'email': u'milkie@10gen.com', u'name': u'Eric Milkie'}Message: |
| Comment by auto [ 11/Dec/12 ] |
|
Author: {u'date': u'2012-12-11T20:51:23Z', u'email': u'milkie@10gen.com', u'name': u'Eric Milkie'}Message: Rather than a single global Manager, |
| Comment by auto [ 11/Dec/12 ] |
|
Author: {u'date': u'2012-12-11T16:16:58Z', u'email': u'milkie@10gen.com', u'name': u'Eric Milkie'}Message: Adjust unit tests to present certificates for validation at SSL handshake time. |
| Comment by auto [ 11/Dec/12 ] |
|
Author: {u'date': u'2012-12-11T14:59:53Z', u'email': u'milkie@10gen.com', u'name': u'Eric Milkie'}Message: New command line flag --sslCAFile specifies a file containing certificates mongo shell now supports --sslPEMKeyFile and --sslPEMKeyPassword to specify the Note that certificate validation is not forced; validation only currently occurs Note that all of these features require --ssl parameter passed to scons at build time. |
| Comment by auto [ 05/Dec/12 ] |
|
Author: {u'date': u'2012-12-04T18:33:24Z', u'name': u'Eric Milkie', u'email': u'milkie@10gen.com'}Message: |
| Comment by auto [ 04/Dec/12 ] |
|
Author: {u'date': u'2012-12-03T19:40:49Z', u'email': u'milkie@10gen.com', u'name': u'Eric Milkie'}Message: 1. change "postFork()" to "doSSLHandshake()" |
| Comment by auto [ 27/Nov/12 ] |
|
Author: {u'date': u'2012-11-26T21:13:24Z', u'email': u'milkie@10gen.com', u'name': u'Eric Milkie'}Message:
|
| Comment by auto [ 26/Nov/12 ] |
|
Author: {u'date': u'2012-11-26T21:07:02Z', u'email': u'milkie@10gen.com', u'name': u'Eric Milkie'}Message: |