[SERVER-9895] Support rolling upgrade from no auth to keyfile or x.509 certificates. Created: 10/Jun/13  Updated: 10/Dec/14  Resolved: 21/May/14

Status: Closed
Project: Core Server
Component/s: Security
Affects Version/s: 2.4.4, 2.5.0
Fix Version/s: None

Type: New Feature Priority: Major - P3
Reporter: Andy Schwerin Assignee: Andreas Nilsson
Resolution: Duplicate Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Depends
depends on SERVER-9685 Support three authentication modes, c... Closed
Duplicate
duplicates SERVER-6823 Enable Access control without downtime Closed
Participants:

 Description   

In current versions of MongoDB, it is not possible to effect a rolling upgrade from a state in which authentication is not required to one in which it is. This should change. It should be possible to follow a procedure to upgrade the form of inter-node authentication used in the cluster in a rolling fashion.



 Comments   
Comment by Andreas Nilsson [ 03/Oct/13 ]

Rolling upgrade from keyfile->x.509 is supported form 2.5.2.

michael.grundy@10gen.com and kyle.erf rolling upgrade from no auth->auth is currently not supported. It might make it into 2.5.4.

Generated at Thu Feb 08 03:21:45 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.