<!-- 
RSS generated by JIRA (9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66) at Thu Feb 08 08:04:12 UTC 2024

It is possible to restrict the fields that are returned in this document by specifying the 'field' parameter in your request.
For example, to request only the issue key and summary append 'field=key&field=summary' to the URL of your request.
-->
<rss version="0.92" >
<channel>
    <title>MongoDB Jira</title>
    <link>https://jira.mongodb.org</link>
    <description>This file is an XML representation of an issue</description>
    <language>en-us</language>    <build-info>
        <version>9.7.1</version>
        <build-number>970001</build-number>
        <build-date>13-04-2023</build-date>
    </build-info>


<item>
            <title>[DOCS-12022] Docs for SERVER-35418: Allow specifying CAs for incoming and outgoing connections separately </title>
                <link>https://jira.mongodb.org/browse/DOCS-12022</link>
                <project id="10380" key="DOCS">Documentation</project>
                    <description>&lt;h2&gt;&lt;a name=&quot;Description&quot;&gt;&lt;/a&gt;Description&lt;/h2&gt;
&lt;div class=&quot;panel&quot; style=&quot;background-color: #cccccc;border-style: dashed;border-width: 1px;&quot;&gt;&lt;div class=&quot;panelContent&quot; style=&quot;background-color: #cccccc;&quot;&gt;
&lt;h3&gt;&lt;a name=&quot;Description%3A&quot;&gt;&lt;/a&gt;Description: &lt;/h3&gt;

&lt;p&gt;See PM-1188 for details.&lt;/p&gt;

&lt;p&gt;This change adds a new (server only) configuration setting:&lt;br/&gt;
On CLI: --tlsClusterCAFile (aliased as --sslClusterCAFile )&lt;br/&gt;
In a YAML Config: net.tls.clusterCAFile (aliased as net.ssl.clusterCAFile )&lt;/p&gt;

&lt;p&gt;When provided, the certificate pointed to by this setting will be used to validate INBOUND connections to a MongoDB instance.  Remotes during outbound connections will continue to be validated using --tlsCAFile .  If the setting is not present, then both inbound and outbound connections will be validated using --tlsCAfile (as they currently are).&lt;/p&gt;

&lt;h3&gt;&lt;a name=&quot;EngineeringTicketDescription%3A&quot;&gt;&lt;/a&gt;Engineering Ticket Description:&lt;/h3&gt;

&lt;p&gt;The current MongoDB parameter &lt;tt&gt;sslCAFile&lt;/tt&gt; is used for both:&lt;br/&gt;
1) Incoming connections to MongoDB to verify a client certificate for both regular mutual auth and the x509 auth mechanism.&lt;br/&gt;
2) Outgoing connections to other members of the same cluster, when they are running SSL, to verify the server certificate of the other member.&lt;/p&gt;

&lt;p&gt;Overloading both of these uses into the same parameter prevents safely running MongoDB with a &lt;tt&gt;sslPEMKeyFile&lt;/tt&gt; signed by a public CA and also allowing the use of X509 authentication.&lt;/p&gt;
&lt;/div&gt;&lt;/div&gt;


&lt;h2&gt;&lt;a name=&quot;Scopeofchanges&quot;&gt;&lt;/a&gt;Scope of changes&lt;/h2&gt;

&lt;p&gt;For 4.2 and later:&lt;/p&gt;

&lt;ul class=&quot;alternate&quot; type=&quot;square&quot;&gt;
	&lt;li&gt;Add &lt;tt&gt;--tlsClusterCAFile&lt;/tt&gt; as a command line option and {{net.tls.clusterCAFile }} as a configuration file option&lt;/li&gt;
	&lt;li&gt;Mark &lt;tt&gt;--sslClusterCAFile&lt;/tt&gt; as a deprecated command line option and &lt;tt&gt;net.ssl.clusterCAFile&lt;/tt&gt; as a deprecated configuration file option&lt;/li&gt;
&lt;/ul&gt;


&lt;p&gt;For 4.0.3, 3.4.18, 3.6.9:&lt;/p&gt;
&lt;ul class=&quot;alternate&quot; type=&quot;square&quot;&gt;
	&lt;li&gt;Add &lt;tt&gt;--sslClusterCAFile&lt;/tt&gt; as a command line option and &lt;tt&gt;net.ssl.clusterCAFile&lt;/tt&gt; as a configuration file option&lt;/li&gt;
&lt;/ul&gt;


</description>
                <environment></environment>
        <key id="599450">DOCS-12022</key>
            <summary>Docs for SERVER-35418: Allow specifying CAs for incoming and outgoing connections separately </summary>
                <type id="3" iconUrl="https://jira.mongodb.org/secure/viewavatar?size=xsmall&amp;avatarId=14718&amp;avatarType=issuetype">Task</type>
                                            <priority id="3" iconUrl="https://jira.mongodb.org/images/icons/priorities/major.svg">Major - P3</priority>
                        <status id="6" iconUrl="https://jira.mongodb.org/images/icons/statuses/closed.png" description="The issue is considered finished, the resolution is correct. Issues which are closed can be reopened.">Closed</status>
                    <statusCategory id="3" key="done" colorName="success"/>
                                    <resolution id="13201">Fixed</resolution>
                                        <assignee username="isabella.siu@mongodb.com">Isabella Siu</assignee>
                                    <reporter username="kay.kim@mongodb.com">Kay Kim</reporter>
                        <labels>
                    </labels>
                <created>Tue, 4 Sep 2018 20:17:17 +0000</created>
                <updated>Mon, 13 Nov 2023 18:31:47 +0000</updated>
                            <resolved>Fri, 12 Oct 2018 21:18:13 +0000</resolved>
                                                    <fixVersion>4.0.3</fixVersion>
                    <fixVersion>4.1.3</fixVersion>
                    <fixVersion>3.6.9</fixVersion>
                    <fixVersion>3.4.18</fixVersion>
                    <fixVersion>Server_Docs_20231030</fixVersion>
                    <fixVersion>Server_Docs_20231106</fixVersion>
                    <fixVersion>Server_Docs_20231105</fixVersion>
                    <fixVersion>Server_Docs_20231113</fixVersion>
                                    <component>manual</component>
                    <component>Server</component>
                        <due></due>
                            <votes>0</votes>
                                    <watches>2</watches>
                                                                                                                <comments>
                            <comment id="2065338" author="xgen-internal-githook" created="Fri, 16 Nov 2018 22:15:40 +0000"  >&lt;p&gt;Author:&lt;/p&gt;
{&apos;name&apos;: &apos;Isabella Siu&apos;, &apos;email&apos;: &apos;isabellasiu@Isabellas-MacBook.local&apos;}
&lt;p&gt;Message: &lt;a href=&quot;https://jira.mongodb.org/browse/DOCS-12022&quot; title=&quot;Docs for SERVER-35418: Allow specifying CAs for incoming and outgoing connections separately &quot; class=&quot;issue-link&quot; data-issue-key=&quot;DOCS-12022&quot;&gt;&lt;del&gt;DOCS-12022&lt;/del&gt;&lt;/a&gt; backport sslClusterCAFile option to 3.6.9&lt;br/&gt;
Branch: v3.6&lt;br/&gt;
&lt;a href=&quot;https://github.com/mongodb/docs/commit/705605333ff909a646ceb28eb74150862852c5a5&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;https://github.com/mongodb/docs/commit/705605333ff909a646ceb28eb74150862852c5a5&lt;/a&gt;&lt;/p&gt;</comment>
                            <comment id="2054810" author="xgen-internal-githook" created="Wed, 7 Nov 2018 18:00:46 +0000"  >&lt;p&gt;Author:&lt;/p&gt;
{&apos;name&apos;: &apos;Isabella Siu&apos;, &apos;email&apos;: &apos;isabellasiu@Isabellas-MacBook.local&apos;}
&lt;p&gt;Message: &lt;a href=&quot;https://jira.mongodb.org/browse/DOCS-12022&quot; title=&quot;Docs for SERVER-35418: Allow specifying CAs for incoming and outgoing connections separately &quot; class=&quot;issue-link&quot; data-issue-key=&quot;DOCS-12022&quot;&gt;&lt;del&gt;DOCS-12022&lt;/del&gt;&lt;/a&gt; backport sslClusterCAFile option to 3.4.18&lt;br/&gt;
Branch: v3.4&lt;br/&gt;
&lt;a href=&quot;https://github.com/mongodb/docs/commit/0121e3e0ca68f4c513aca7ac1cf3a0c9a724d1a8&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;https://github.com/mongodb/docs/commit/0121e3e0ca68f4c513aca7ac1cf3a0c9a724d1a8&lt;/a&gt;&lt;/p&gt;</comment>
                            <comment id="2033166" author="xgen-internal-githook" created="Mon, 15 Oct 2018 18:31:03 +0000"  >&lt;p&gt;Author:&lt;/p&gt;
{&apos;name&apos;: &apos;Isabella Siu&apos;, &apos;email&apos;: &apos;isabellasiu@Isabellas-MacBook.local&apos;}
&lt;p&gt;Message: &lt;a href=&quot;https://jira.mongodb.org/browse/DOCS-12022&quot; title=&quot;Docs for SERVER-35418: Allow specifying CAs for incoming and outgoing connections separately &quot; class=&quot;issue-link&quot; data-issue-key=&quot;DOCS-12022&quot;&gt;&lt;del&gt;DOCS-12022&lt;/del&gt;&lt;/a&gt; backport sslClusterCAFile option to 3.4.18&lt;br/&gt;
Branch: v3.4.18&lt;br/&gt;
&lt;a href=&quot;https://github.com/mongodb/docs/commit/6117d1eb6ef04d59e8cdc2fac78b05ac4f33cd19&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;https://github.com/mongodb/docs/commit/6117d1eb6ef04d59e8cdc2fac78b05ac4f33cd19&lt;/a&gt;&lt;/p&gt;</comment>
                            <comment id="2033152" author="xgen-internal-githook" created="Mon, 15 Oct 2018 18:20:06 +0000"  >&lt;p&gt;Author:&lt;/p&gt;
{&apos;name&apos;: &apos;Isabella Siu&apos;, &apos;email&apos;: &apos;isabellasiu@Isabellas-MacBook.local&apos;}
&lt;p&gt;Message: &lt;a href=&quot;https://jira.mongodb.org/browse/DOCS-12022&quot; title=&quot;Docs for SERVER-35418: Allow specifying CAs for incoming and outgoing connections separately &quot; class=&quot;issue-link&quot; data-issue-key=&quot;DOCS-12022&quot;&gt;&lt;del&gt;DOCS-12022&lt;/del&gt;&lt;/a&gt; backport sslClusterCAFile option to 3.6.9&lt;br/&gt;
Branch: v3.6.9&lt;br/&gt;
&lt;a href=&quot;https://github.com/mongodb/docs/commit/22a4d333eb31cbb853ed9753bd4cfa897ec68f9a&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;https://github.com/mongodb/docs/commit/22a4d333eb31cbb853ed9753bd4cfa897ec68f9a&lt;/a&gt;&lt;/p&gt;</comment>
                            <comment id="2033137" author="xgen-internal-githook" created="Mon, 15 Oct 2018 18:08:48 +0000"  >&lt;p&gt;Author:&lt;/p&gt;
{&apos;name&apos;: &apos;Isabella Siu&apos;, &apos;email&apos;: &apos;isabellasiu@Isabellas-MacBook.local&apos;}
&lt;p&gt;Message: &lt;a href=&quot;https://jira.mongodb.org/browse/DOCS-12022&quot; title=&quot;Docs for SERVER-35418: Allow specifying CAs for incoming and outgoing connections separately &quot; class=&quot;issue-link&quot; data-issue-key=&quot;DOCS-12022&quot;&gt;&lt;del&gt;DOCS-12022&lt;/del&gt;&lt;/a&gt; add tlsClusterCAFile option&lt;br/&gt;
Branch: v4.0&lt;br/&gt;
&lt;a href=&quot;https://github.com/mongodb/docs/commit/479185a15d9586964b41fcae650323c40f5c0aa7&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;https://github.com/mongodb/docs/commit/479185a15d9586964b41fcae650323c40f5c0aa7&lt;/a&gt;&lt;/p&gt;</comment>
                            <comment id="2032847" author="xgen-internal-githook" created="Mon, 15 Oct 2018 15:04:36 +0000"  >&lt;p&gt;Author:&lt;/p&gt;
{&apos;name&apos;: &apos;Isabella Siu&apos;, &apos;email&apos;: &apos;isabellasiu@Isabellas-MacBook.local&apos;}
&lt;p&gt;Message: &lt;a href=&quot;https://jira.mongodb.org/browse/DOCS-12022&quot; title=&quot;Docs for SERVER-35418: Allow specifying CAs for incoming and outgoing connections separately &quot; class=&quot;issue-link&quot; data-issue-key=&quot;DOCS-12022&quot;&gt;&lt;del&gt;DOCS-12022&lt;/del&gt;&lt;/a&gt; add tlsClusterCAFile option&lt;br/&gt;
Branch: master&lt;br/&gt;
&lt;a href=&quot;https://github.com/mongodb/docs/commit/4d97ee5be233b1eba16f473beef749e8b7918163&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;https://github.com/mongodb/docs/commit/4d97ee5be233b1eba16f473beef749e8b7918163&lt;/a&gt;&lt;/p&gt;</comment>
                    </comments>
                <issuelinks>
                            <issuelinktype id="10320">
                    <name>Documented</name>
                                            <outwardlinks description="documents">
                                        <issuelink>
            <issuekey id="554673">SERVER-35418</issuekey>
        </issuelink>
                            </outwardlinks>
                                                        </issuelinktype>
                            <issuelinktype id="10010">
                    <name>Duplicate</name>
                                                                <inwardlinks description="is duplicated by">
                                                        </inwardlinks>
                                    </issuelinktype>
                    </issuelinks>
                <attachments>
                    </attachments>
                <subtasks>
                    </subtasks>
                <customfields>
                                                <customfield id="customfield_10050" key="com.atlassian.jira.toolkit:comments">
                        <customfieldname># Replies</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>6.0</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        <customfield id="customfield_10055" key="com.atlassian.jira.ext.charting:firstresponsedate">
                        <customfieldname>Date of 1st Reply</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>Fri, 28 Sep 2018 17:23:19 +0000</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10052" key="com.atlassian.jira.toolkit:dayslastcommented">
                        <customfieldname>Days since reply</customfieldname>
                        <customfieldvalues>
                                        5 years, 12 weeks, 5 days ago
    
                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_18254" key="com.onresolve.jira.groovy.groovyrunner:scripted-field">
                        <customfieldname>Dependencies</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue><![CDATA[]]></customfieldvalue>


                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_15850" key="com.atlassian.jira.plugins.jira-development-integration-plugin:devsummary">
                        <customfieldname>Development</customfieldname>
                        <customfieldvalues>
                            
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                            <customfield id="customfield_10857" key="com.pyxis.greenhopper.jira:gh-epic-link">
                        <customfieldname>Epic Link</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>DOCS-11762</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            <customfield id="customfield_10057" key="com.atlassian.jira.toolkit:lastusercommented">
                        <customfieldname>Last comment by Customer</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>true</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10056" key="com.atlassian.jira.toolkit:lastupdaterorcommenter">
                        <customfieldname>Last commenter</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>emet.ozar@mongodb.com</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_11151" key="com.atlassian.jira.toolkit:LastCommentDate">
                        <customfieldname>Last public comment date</customfieldname>
                        <customfieldvalues>
                            5 years, 12 weeks, 5 days ago
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                            <customfield id="customfield_10051" key="com.atlassian.jira.toolkit:participants">
                        <customfieldname>Participants</customfieldname>
                        <customfieldvalues>
                                        <customfieldvalue>xgen-internal-githook</customfieldvalue>
            <customfieldvalue>isabella.siu@mongodb.com</customfieldvalue>
            <customfieldvalue>kay.kim@mongodb.com</customfieldvalue>
    
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                        <customfield id="customfield_14254" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>Product Rank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>1|hu74in:</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                <customfield id="customfield_12550" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>Rank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>2|htxmmf:</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10558" key="com.pyxis.greenhopper.jira:gh-global-rank">
                        <customfieldname>Rank (Obsolete)</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>9223372036854775807</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    <customfield id="customfield_10053" key="com.atlassian.jira.ext.charting:timeinstatus">
                        <customfieldname>Time In Status</customfieldname>
                        <customfieldvalues>
                            
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            <customfield id="customfield_14350" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>serverRank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>1|hu6qrz:</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                </customfields>
    </item>
</channel>
</rss>