[SERVER-7455] Replace the keyfile used for replica sets with x.509 authentication Created: 24/Oct/12  Updated: 27/Oct/15  Resolved: 30/Sep/13

Status: Closed
Project: Core Server
Component/s: Replication, Security
Affects Version/s: 2.2.0
Fix Version/s: 2.5.3

Type: New Feature Priority: Major - P3
Reporter: Simon Harvey Assignee: Andreas Nilsson
Resolution: Done Votes: 1
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified
Environment:

RHEL 6


Issue Links:
Depends
is depended on by DOCS-1576 Document Keyfile Alternatives Closed
Gantt Dependency
has to be done after SERVER-7961 Use x.509 certificates for authentica... Closed
Participants:

 Description   

The current cluster authentication keyfile solution has some room for improvement including

  • It is difficult/impossible to change the keyfile in a running system
  • All cluster members use the same keyfile
  • The password contained in the keyfile is in cleartext as described in the original ticket.

As part of implementing x.509 authentication for clients, introduce the possibility to use x.509 for internal cluster authentication. The keyfile solution will be kept on (for now).

Original ticket: "The keyfile used for replica sets (defined by the keyFile entry in the coinfiguartion file) should not contain a simple clear text entry. This should be encrypted or stored by some other method as at present this means it would be possible for someone to access data by setting up a new replica set member using this key. It is also a general compliance issue for any password or key to be stored in a file in clear text."



 Comments   
Comment by auto [ 11/Oct/13 ]

Author:

{u'username': u'agralius', u'name': u'Andreas Nilsson', u'email': u'andreas.nilsson@10gen.com'}

Message: SERVER-7455 Improvements to the use-x509 and use-ssl passthroughs
Branch: master
https://github.com/mongodb/mongo/commit/8cd3c95861417614dfac3a8cbf9f6c7621d40e93

Comment by auto [ 03/Oct/13 ]

Author:

{u'username': u'agralius', u'name': u'Andreas Nilsson', u'email': u'andreas.nilsson@10gen.com'}

Message: SERVER-7455 x.509 cluster auth tests
Branch: master
https://github.com/mongodb/mongo/commit/7db361fe2dac4a533f3f51bf51a2c35b99488cc1

Comment by auto [ 30/Sep/13 ]

Author:

{u'username': u'agralius', u'name': u'Andreas Nilsson', u'email': u'andreas.nilsson@10gen.com'}

Message: SERVER-7455 x.509 cluster auth tests and expanded use-ssl passthrough
Branch: master
https://github.com/mongodb/mongo/commit/625e971353db40be3a3c91aa1c1d708af9705693

Comment by auto [ 10/Jul/13 ]

Author:

{u'username': u'agralius', u'name': u'Andreas Nilsson', u'email': u'andreas.nilsson@10gen.com'}

Message: SERVER-7455 keyfile replacement, command line parameters and upgrade
Branch: master
https://github.com/mongodb/mongo/commit/6685c058c7bf4444f14fcae61f56b7783b5edebe

Comment by auto [ 08/Jul/13 ]

Author:

{u'username': u'agralius', u'name': u'Andreas Nilsson', u'email': u'andreas.nilsson@10gen.com'}

Message: SERVER-7455 Using common internal cluster auth function
Branch: master
https://github.com/mongodb/mongo/commit/7c21379b070154a381e3df340a1f830a074969b8

Comment by auto [ 03/Jul/13 ]

Author:

{u'username': u'andy10gen', u'name': u'Andy Schwerin', u'email': u'schwerin@10gen.com'}

Message: Reapply "SERVER-7455 Common internal cluster auth function"

This reverts commit cd3101ca2f8e539a4ad425fa8e6da55a935dd2b1, but fixes a symbol
misplacement that broke linking.
Branch: master
https://github.com/mongodb/mongo/commit/95efa9a5dd492f8abc85e412aaec9163c7a93ad2

Comment by auto [ 03/Jul/13 ]

Author:

{u'username': u'agralius', u'name': u'Andreas Nilsson', u'email': u'andreas.nilsson@10gen.com'}

Message: Revert "SERVER-7455 Common internal cluster auth function"

Broke auth C++ unit tests

This reverts commit 00fb45cd97d2314548dc07c2c8e1cc1737fd273f.
Branch: master
https://github.com/mongodb/mongo/commit/cd3101ca2f8e539a4ad425fa8e6da55a935dd2b1

Comment by auto [ 03/Jul/13 ]

Author:

{u'username': u'agralius', u'name': u'Andreas Nilsson', u'email': u'andreas.nilsson@10gen.com'}

Message: SERVER-7455 Common internal cluster auth function
Branch: master
https://github.com/mongodb/mongo/commit/00fb45cd97d2314548dc07c2c8e1cc1737fd273f

Comment by auto [ 13/Jun/13 ]

Author:

{u'username': u'agralius', u'name': u'Andreas Nilsson', u'email': u'andreas.nilsson@10gen.com'}

Message: SERVER-7455 SERVER-7961 x.509 authentication and keyfile replacement

Basic support for x.509 authentication of clients and for internal
x.509 authentication of cluster members.
Branch: master
https://github.com/mongodb/mongo/commit/e23ee681ca40f271ddbbd840f155a9b13102f148

Comment by David Burke [ 19/Dec/12 ]

This is also a problem for us. It's more of an issue running mongos on windows where its harder to secure the permissions for the keyFile. We encrypt our connectionsStrings using this mechanism(http://msdn.microsoft.com/en-us/library/system.configuration.rsaprotectedconfigurationprovider.aspx) but its not much use if the keyFile is there in plaintext

Generated at Thu Feb 08 03:14:35 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.