[SERVER-7455] Replace the keyfile used for replica sets with x.509 authentication Created: 24/Oct/12 Updated: 27/Oct/15 Resolved: 30/Sep/13 |
|
| Status: | Closed |
| Project: | Core Server |
| Component/s: | Replication, Security |
| Affects Version/s: | 2.2.0 |
| Fix Version/s: | 2.5.3 |
| Type: | New Feature | Priority: | Major - P3 |
| Reporter: | Simon Harvey | Assignee: | Andreas Nilsson |
| Resolution: | Done | Votes: | 1 |
| Labels: | None | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Environment: |
RHEL 6 |
||
| Issue Links: |
|
||||||||||||||||
| Participants: | |||||||||||||||||
| Description |
|
The current cluster authentication keyfile solution has some room for improvement including
As part of implementing x.509 authentication for clients, introduce the possibility to use x.509 for internal cluster authentication. The keyfile solution will be kept on (for now). Original ticket: "The keyfile used for replica sets (defined by the keyFile entry in the coinfiguartion file) should not contain a simple clear text entry. This should be encrypted or stored by some other method as at present this means it would be possible for someone to access data by setting up a new replica set member using this key. It is also a general compliance issue for any password or key to be stored in a file in clear text." |
| Comments |
| Comment by auto [ 11/Oct/13 ] |
|
Author: {u'username': u'agralius', u'name': u'Andreas Nilsson', u'email': u'andreas.nilsson@10gen.com'}Message: |
| Comment by auto [ 03/Oct/13 ] |
|
Author: {u'username': u'agralius', u'name': u'Andreas Nilsson', u'email': u'andreas.nilsson@10gen.com'}Message: |
| Comment by auto [ 30/Sep/13 ] |
|
Author: {u'username': u'agralius', u'name': u'Andreas Nilsson', u'email': u'andreas.nilsson@10gen.com'}Message: |
| Comment by auto [ 10/Jul/13 ] |
|
Author: {u'username': u'agralius', u'name': u'Andreas Nilsson', u'email': u'andreas.nilsson@10gen.com'}Message: |
| Comment by auto [ 08/Jul/13 ] |
|
Author: {u'username': u'agralius', u'name': u'Andreas Nilsson', u'email': u'andreas.nilsson@10gen.com'}Message: |
| Comment by auto [ 03/Jul/13 ] |
|
Author: {u'username': u'andy10gen', u'name': u'Andy Schwerin', u'email': u'schwerin@10gen.com'}Message: Reapply " This reverts commit cd3101ca2f8e539a4ad425fa8e6da55a935dd2b1, but fixes a symbol |
| Comment by auto [ 03/Jul/13 ] |
|
Author: {u'username': u'agralius', u'name': u'Andreas Nilsson', u'email': u'andreas.nilsson@10gen.com'}Message: Revert " Broke auth C++ unit tests This reverts commit 00fb45cd97d2314548dc07c2c8e1cc1737fd273f. |
| Comment by auto [ 03/Jul/13 ] |
|
Author: {u'username': u'agralius', u'name': u'Andreas Nilsson', u'email': u'andreas.nilsson@10gen.com'}Message: |
| Comment by auto [ 13/Jun/13 ] |
|
Author: {u'username': u'agralius', u'name': u'Andreas Nilsson', u'email': u'andreas.nilsson@10gen.com'}Message: Basic support for x.509 authentication of clients and for internal |
| Comment by David Burke [ 19/Dec/12 ] |
|
This is also a problem for us. It's more of an issue running mongos on windows where its harder to secure the permissions for the keyFile. We encrypt our connectionsStrings using this mechanism(http://msdn.microsoft.com/en-us/library/system.configuration.rsaprotectedconfigurationprovider.aspx) but its not much use if the keyFile is there in plaintext |