[SERVER-72846] Fix misleading startup warning about client certificate validation Created: 13/Jan/23 Updated: 29/Oct/23 Resolved: 17/Feb/23 |
|
| Status: | Closed |
| Project: | Core Server |
| Component/s: | None |
| Affects Version/s: | None |
| Fix Version/s: | 7.0.0-rc0 |
| Type: | Bug | Priority: | Major - P3 |
| Reporter: | Erwin Pe | Assignee: | Adrian Gonzalez Montemayor |
| Resolution: | Fixed | Votes: | 0 |
| Labels: | auto-reverted, neweng | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Issue Links: |
|
||||||||||||
| Assigned Teams: |
Server Security
|
||||||||||||
| Backwards Compatibility: | Fully Compatible | ||||||||||||
| Sprint: | Security 2023-01-23, Security 2023-02-06, Security 2023-02-20 | ||||||||||||
| Participants: | |||||||||||||
| Linked BF Score: | 157 | ||||||||||||
| Description |
|
This warning at startup:
is logged when the CAFile is unspecified. However, if clusterCAFile is specified (instead of CAFile), this warning is still logged even though client certificate validation can be performed using the clusterCAFile. We should fix it so that this warning only shows up if CAFile and clusterCAFile are not provided. |
| Comments |
| Comment by Githook User [ 16/Feb/23 ] |
|
Author: {'name': 'Adrian Gonzalez', 'email': 'adriangonzalezmontemayor@gmail.com', 'username': 'adriangzz'}Message: |
| Comment by xgen-buildbaron-user [ 16/Feb/23 ] |
|
Ticket re-opened due to revert. ssl began a consistent failure of jstests\ssl\tls_startup_warning.js |
| Comment by Githook User [ 16/Feb/23 ] |
|
Author: {'name': 'auto-revert-processor', 'email': 'dev-prod-dag@mongodb.com', 'username': ''}Message: Revert " This reverts commit d4a12374e4ae013b12476418d796c4112b5bcd0d. |
| Comment by Githook User [ 15/Feb/23 ] |
|
Author: {'name': 'Adrian Gonzalez', 'email': 'adriangonzalezmontemayor@gmail.com', 'username': 'adriangzz'}Message: |