<!-- 
RSS generated by JIRA (9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66) at Wed Feb 07 22:45:43 UTC 2024

It is possible to restrict the fields that are returned in this document by specifying the 'field' parameter in your request.
For example, to request only the issue key and summary append 'field=key&field=summary' to the URL of your request.
-->
<rss version="0.92" >
<channel>
    <title>MongoDB Jira</title>
    <link>https://jira.mongodb.org</link>
    <description>This file is an XML representation of an issue</description>
    <language>en-us</language>    <build-info>
        <version>9.7.1</version>
        <build-number>970001</build-number>
        <build-date>13-04-2023</build-date>
    </build-info>


<item>
            <title>[COMPASS-7197] Investigate changes in SERVER-72839: Server skips peer certificate validation if neither CAFile nor clusterCAFile is provided</title>
                <link>https://jira.mongodb.org/browse/COMPASS-7197</link>
                <project id="13182" key="COMPASS">Compass </project>
                    <description>    &lt;div class=&quot;panel&quot; style=&quot;background-color: #c2d2c2;border-width: 1px;&quot;&gt;&lt;div class=&quot;panelHeader&quot; style=&quot;border-bottom-width: 1px;background-color: #239eb0;&quot;&gt;&lt;b&gt;Original Downstream Change Summary&lt;/b&gt;&lt;/div&gt;&lt;/div&gt;
&lt;p&gt;    Connections that previously worked due to Cert checking failing to occur (where the check should have failed but didn&apos;t) may no longer work.&lt;/p&gt;
&lt;h2&gt;&lt;a name=&quot;DescriptionofLinkedTicket&quot;&gt;&lt;/a&gt;Description of Linked Ticket&lt;/h2&gt;
&lt;p&gt;    The &lt;a href=&quot;https://www.mongodb.com/docs/manual/reference/configuration-options/#mongodb-setting-net.tls.mode&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;documentation&lt;/a&gt; says that:&lt;/p&gt;

&lt;p&gt;If --tlsCAFile or tls.CAFile is not specified and you are not using x.509 authentication, the system-wide CA certificate store will be used when connecting to an TLS-enabled server.&lt;/p&gt;

&lt;p&gt;However, when a server is configured with neither CAFile nor clusterCAFile, it will skip peer certificate validation on &lt;b&gt;both&lt;/b&gt; ingress and egress TLS connections. The expectation is that on egress connection, the node (client) should at least verify the peer (server&apos;s) certificate using the system CA cert store.&lt;/p&gt;

&lt;p&gt;Note, this only applies to server processes (mongod and mongos), the shell is not affected.&lt;/p&gt;
</description>
                <environment></environment>
        <key id="2436701">COMPASS-7197</key>
            <summary>Investigate changes in SERVER-72839: Server skips peer certificate validation if neither CAFile nor clusterCAFile is provided</summary>
                <type id="10501" iconUrl="https://jira.mongodb.org/secure/viewavatar?size=xsmall&amp;avatarId=14720&amp;avatarType=issuetype">Investigation</type>
                                            <priority id="4" iconUrl="https://jira.mongodb.org/images/icons/priorities/minor.svg">Minor - P4</priority>
                        <status id="6" iconUrl="https://jira.mongodb.org/images/icons/statuses/closed.png" description="The issue is considered finished, the resolution is correct. Issues which are closed can be reopened.">Closed</status>
                    <statusCategory id="3" key="done" colorName="success"/>
                                    <resolution id="9">Done</resolution>
                                        <assignee username="-1">Unassigned</assignee>
                                    <reporter username="backlog-server-pm">Backlog - Core Eng Program Management Team</reporter>
                        <labels>
                    </labels>
                <created>Thu, 7 Sep 2023 16:54:08 +0000</created>
                <updated>Sun, 28 Jan 2024 02:43:31 +0000</updated>
                            <resolved>Mon, 11 Sep 2023 10:06:43 +0000</resolved>
                                                    <fixVersion>No version</fixVersion>
                                        <due></due>
                            <votes>0</votes>
                                    <watches>2</watches>
                                                                                                                <comments>
                            <comment id="6047288" author="dbeng-pm-bot" created="Sun, 28 Jan 2024 02:43:31 +0000"  >&lt;p&gt;&lt;em&gt;Fix Version updated for upstream &lt;a href=&quot;https://jira.mongodb.org/browse/SERVER-72839&quot; title=&quot;Server skips peer certificate validation if neither CAFile nor clusterCAFile is provided&quot; class=&quot;issue-link&quot; data-issue-key=&quot;SERVER-72839&quot;&gt;&lt;del&gt;SERVER-72839&lt;/del&gt;&lt;/a&gt;:&lt;/em&gt; &lt;br/&gt;
7.1.0-rc4, 7.0.6, 5.0.25, 4.4.29, 6.0.14&lt;/p&gt;</comment>
                            <comment id="6047287" author="dbeng-pm-bot" created="Sun, 28 Jan 2024 02:43:23 +0000"  >&lt;p&gt;&lt;em&gt;Fix Version updated for upstream &lt;a href=&quot;https://jira.mongodb.org/browse/SERVER-72839&quot; title=&quot;Server skips peer certificate validation if neither CAFile nor clusterCAFile is provided&quot; class=&quot;issue-link&quot; data-issue-key=&quot;SERVER-72839&quot;&gt;&lt;del&gt;SERVER-72839&lt;/del&gt;&lt;/a&gt;:&lt;/em&gt; &lt;br/&gt;
7.1.0-rc4, 7.0.6, 4.4.29, 6.0.14&lt;/p&gt;</comment>
                            <comment id="6046816" author="dbeng-pm-bot" created="Sat, 27 Jan 2024 14:43:30 +0000"  >&lt;p&gt;&lt;em&gt;Fix Version updated for upstream &lt;a href=&quot;https://jira.mongodb.org/browse/SERVER-72839&quot; title=&quot;Server skips peer certificate validation if neither CAFile nor clusterCAFile is provided&quot; class=&quot;issue-link&quot; data-issue-key=&quot;SERVER-72839&quot;&gt;&lt;del&gt;SERVER-72839&lt;/del&gt;&lt;/a&gt;:&lt;/em&gt; &lt;br/&gt;
7.1.0-rc4, 7.0.6, 6.0.14&lt;/p&gt;</comment>
                            <comment id="6046667" author="dbeng-pm-bot" created="Sat, 27 Jan 2024 12:13:37 +0000"  >&lt;p&gt;&lt;em&gt;Fix Version updated for upstream &lt;a href=&quot;https://jira.mongodb.org/browse/SERVER-72839&quot; title=&quot;Server skips peer certificate validation if neither CAFile nor clusterCAFile is provided&quot; class=&quot;issue-link&quot; data-issue-key=&quot;SERVER-72839&quot;&gt;&lt;del&gt;SERVER-72839&lt;/del&gt;&lt;/a&gt;:&lt;/em&gt; &lt;br/&gt;
7.1.0-rc4, 7.0.6&lt;/p&gt;</comment>
                            <comment id="5738806" author="dbeng-pm-bot" created="Thu, 28 Sep 2023 19:17:44 +0000"  >&lt;p&gt;&lt;em&gt;Fix Version updated for upstream &lt;a href=&quot;https://jira.mongodb.org/browse/SERVER-72839&quot; title=&quot;Server skips peer certificate validation if neither CAFile nor clusterCAFile is provided&quot; class=&quot;issue-link&quot; data-issue-key=&quot;SERVER-72839&quot;&gt;&lt;del&gt;SERVER-72839&lt;/del&gt;&lt;/a&gt;:&lt;/em&gt; &lt;br/&gt;
7.1.0-rc4&lt;/p&gt;</comment>
                    </comments>
                <issuelinks>
                            <issuelinktype id="10011">
                    <name>Depends</name>
                                            <outwardlinks description="depends on">
                                        <issuelink>
            <issuekey id="2232852">SERVER-72839</issuekey>
        </issuelink>
                            </outwardlinks>
                                                        </issuelinktype>
                    </issuelinks>
                <attachments>
                    </attachments>
                <subtasks>
                    </subtasks>
                <customfields>
                                                <customfield id="customfield_10050" key="com.atlassian.jira.toolkit:comments">
                        <customfieldname># Replies</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>5.0</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            <customfield id="customfield_10055" key="com.atlassian.jira.ext.charting:firstresponsedate">
                        <customfieldname>Date of 1st Reply</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>Thu, 7 Sep 2023 16:54:13 +0000</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10052" key="com.atlassian.jira.toolkit:dayslastcommented">
                        <customfieldname>Days since reply</customfieldname>
                        <customfieldvalues>
                                        1 week, 3 days ago
    
                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_18254" key="com.onresolve.jira.groovy.groovyrunner:scripted-field">
                        <customfieldname>Dependencies</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue><![CDATA[<s><a href='https://jira.mongodb.org/browse/SERVER-72839'>SERVER-72839</a></s>]]></customfieldvalue>


                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_15850" key="com.atlassian.jira.plugins.jira-development-integration-plugin:devsummary">
                        <customfieldname>Development</customfieldname>
                        <customfieldvalues>
                            
                        </customfieldvalues>
                    </customfield>
                                                                                            <customfield id="customfield_10257" key="com.atlassian.jira.plugin.system.customfieldtypes:radiobuttons">
                        <customfieldname>Documentation Changes</customfieldname>
                        <customfieldvalues>
                                <customfieldvalue key="11861"><![CDATA[Not Needed]]></customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                <customfield id="customfield_10057" key="com.atlassian.jira.toolkit:lastusercommented">
                        <customfieldname>Last comment by Customer</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>true</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10056" key="com.atlassian.jira.toolkit:lastupdaterorcommenter">
                        <customfieldname>Last commenter</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>dbeng-pm-bot</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_11151" key="com.atlassian.jira.toolkit:LastCommentDate">
                        <customfieldname>Last public comment date</customfieldname>
                        <customfieldvalues>
                            1 week, 3 days ago
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                        <customfield id="customfield_10051" key="com.atlassian.jira.toolkit:participants">
                        <customfieldname>Participants</customfieldname>
                        <customfieldvalues>
                                        <customfieldvalue>backlog-server-pm</customfieldvalue>
            <customfieldvalue>dbeng-pm-bot</customfieldvalue>
    
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                        <customfield id="customfield_14254" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>Product Rank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>1|i2pll3:</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                <customfield id="customfield_12550" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>Rank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>2|i27kx4:</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10558" key="com.pyxis.greenhopper.jira:gh-global-rank">
                        <customfieldname>Rank (Obsolete)</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>9223372036854775807</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        <customfield id="customfield_10053" key="com.atlassian.jira.ext.charting:timeinstatus">
                        <customfieldname>Time In Status</customfieldname>
                        <customfieldvalues>
                            
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            <customfield id="customfield_14350" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>serverRank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>1|i2p7qf:</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                    </customfields>
    </item>
</channel>
</rss>