[SERVER-80741] Support rotating TLS certificates used by the gRPC server Created: 05/Sep/23  Updated: 29/Oct/23  Resolved: 23/Oct/23

Status: Closed
Project: Core Server
Component/s: None
Affects Version/s: None
Fix Version/s: 7.2.0-rc0

Type: New Feature Priority: Major - P3
Reporter: Patrick Freed Assignee: Erin McNulty
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Backwards Compatibility: Fully Compatible
Sprint: Service Arch 2023-10-02, Service Arch 2023-10-16, Service Arch 2023-10-30
Participants:

 Description   

The current gRPC Server implementation only supports reading a certificate at startup and using it for the duration of its lifetime. We should extend this to allow rotating certificates without restarting the server through the rotateCertificates command, similar to what can be done today with asio.

See the design for details.

https://www.mongodb.com/docs/manual/reference/command/rotateCertificates/



 Comments   
Comment by Githook User [ 20/Oct/23 ]

Author:

{'name': 'Erin McNulty', 'email': 'erin.mcnulty@mongodb.com', 'username': 'erin2722'}

Message: SERVER-80741: Support rotating TLS certificates used by the gRPC server
Branch: master
https://github.com/mongodb/mongo/commit/01551ea99903eced520614deec851a07bd505a2e

Generated at Thu Feb 08 06:44:27 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.