<!-- 
RSS generated by JIRA (9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66) at Thu Feb 08 08:04:30 UTC 2024

It is possible to restrict the fields that are returned in this document by specifying the 'field' parameter in your request.
For example, to request only the issue key and summary append 'field=key&field=summary' to the URL of your request.
-->
<rss version="0.92" >
<channel>
    <title>MongoDB Jira</title>
    <link>https://jira.mongodb.org</link>
    <description>This file is an XML representation of an issue</description>
    <language>en-us</language>    <build-info>
        <version>9.7.1</version>
        <build-number>970001</build-number>
        <build-date>13-04-2023</build-date>
    </build-info>


<item>
            <title>[DOCS-12152] Clarify how to configure client certificate and CA file for oplog store and blockstore</title>
                <link>https://jira.mongodb.org/browse/DOCS-12152</link>
                <project id="10380" key="DOCS">Documentation</project>
                    <description>&lt;h2&gt;&lt;a name=&quot;Description&quot;&gt;&lt;/a&gt;Description&lt;/h2&gt;
&lt;p&gt;In the UI for both, oplog store and blockstore configuration, we only have the `Use TLS/SSL` check box:&lt;br/&gt;
&lt;span class=&quot;image-wrap&quot; style=&quot;&quot;&gt;&lt;a id=&quot;198971_thumb&quot; href=&quot;https://jira.mongodb.org/secure/attachment/198971/198971_check_box.png&quot; title=&quot;check_box.png&quot; file-preview-type=&quot;image&quot; file-preview-id=&quot;198971&quot; file-preview-title=&quot;check_box.png&quot;&gt;&lt;img src=&quot;https://jira.mongodb.org/secure/thumbnail/198971/_thumb_198971.png&quot; style=&quot;border: 0px solid black&quot; role=&quot;presentation&quot;/&gt;&lt;/a&gt;&lt;/span&gt;&lt;br/&gt;
However there is no way to configure client certificate location or CA file from the UI. &lt;/p&gt;

&lt;p&gt;I suspect that the answer is that SSL needs to be enabled for the Application Database and that &lt;tt&gt;mongodb.ssl.CAFile&lt;/tt&gt;, &lt;tt&gt;mongodb.ssl.PEMKeyFile&lt;/tt&gt; and &lt;tt&gt;mongodb.ssl.PEMKeyFilePassword&lt;/tt&gt; from &lt;tt&gt;conf-mms.properties&lt;/tt&gt; will be used for the oplog store. &lt;/p&gt;

&lt;p&gt;Consequently, it is &lt;em&gt;not&lt;/em&gt; possible to use a different set of certificates for blockstore/oplog store than those that are used for the App DB.&lt;/p&gt;

&lt;p&gt;But it is not really obvious from the documentation:&lt;/p&gt;
&lt;ul class=&quot;alternate&quot; type=&quot;square&quot;&gt;
	&lt;li&gt;&lt;a href=&quot;https://docs.opsmanager.mongodb.com/current/tutorial/configure-ssl-connection-to-backing-mongodb/index.html&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;Configure the Connections to the Backing MongoDB Instances&lt;/a&gt;&lt;/li&gt;
&lt;/ul&gt;


&lt;h2&gt;&lt;a name=&quot;Scopeofchanges&quot;&gt;&lt;/a&gt;Scope of changes&lt;/h2&gt;

&lt;h2&gt;&lt;a name=&quot;ImpacttoOtherDocs&quot;&gt;&lt;/a&gt;Impact to Other Docs&lt;/h2&gt;

&lt;h2&gt;&lt;a name=&quot;MVP%28WorkandDate%29&quot;&gt;&lt;/a&gt;MVP (Work and Date)&lt;/h2&gt;

&lt;h2&gt;&lt;a name=&quot;Resources%28ScopeorDesignDocs%2CInvision%2Cetc.%29&quot;&gt;&lt;/a&gt;Resources (Scope or Design Docs, Invision, etc.)&lt;/h2&gt;
</description>
                <environment>&lt;a href=&quot;https://docs.opsmanager.mongodb.com/current/tutorial/configure-ssl-connection-to-backing-mongodb&quot;&gt;https://docs.opsmanager.mongodb.com/current/tutorial/configure-ssl-connection-to-backing-mongodb&lt;/a&gt;</environment>
        <key id="621526">DOCS-12152</key>
            <summary>Clarify how to configure client certificate and CA file for oplog store and blockstore</summary>
                <type id="1" iconUrl="https://jira.mongodb.org/secure/viewavatar?size=xsmall&amp;avatarId=14703&amp;avatarType=issuetype">Bug</type>
                                            <priority id="3" iconUrl="https://jira.mongodb.org/images/icons/priorities/major.svg">Major - P3</priority>
                        <status id="6" iconUrl="https://jira.mongodb.org/images/icons/statuses/closed.png" description="The issue is considered finished, the resolution is correct. Issues which are closed can be reopened.">Closed</status>
                    <statusCategory id="3" key="done" colorName="success"/>
                                    <resolution id="13201">Fixed</resolution>
                                        <assignee username="tony.sansone@mongodb.com">Anthony Sansone</assignee>
                                    <reporter username="dmitry.ryabtsev@mongodb.com">Dmitry Ryabtsev</reporter>
                        <labels>
                    </labels>
                <created>Fri, 19 Oct 2018 05:46:00 +0000</created>
                <updated>Sun, 29 Oct 2023 13:57:10 +0000</updated>
                            <resolved>Sat, 4 May 2019 18:07:43 +0000</resolved>
                                    <version>4.0.0</version>
                                                    <component>Ops Manager</component>
                        <due></due>
                            <votes>0</votes>
                                    <watches>3</watches>
                                                                                                                                                            <comments>
                            <comment id="2234624" author="xgen-internal-githook" created="Sat, 4 May 2019 19:27:42 +0000"  >&lt;p&gt;Author:&lt;/p&gt;
{&apos;name&apos;: &apos;Anthony Sansone&apos;, &apos;username&apos;: &apos;atsansone&apos;, &apos;email&apos;: &apos;tony.sansone@mongodb.com&apos;}
&lt;p&gt;Message: (&lt;a href=&quot;https://jira.mongodb.org/browse/DOCS-12680&quot; title=&quot;Backport DOCS-12152 Add to v4.0&quot; class=&quot;issue-link&quot; data-issue-key=&quot;DOCS-12680&quot;&gt;&lt;del&gt;DOCS-12680&lt;/del&gt;&lt;/a&gt;): Backport &lt;a href=&quot;https://jira.mongodb.org/browse/DOCS-12152&quot; title=&quot;Clarify how to configure client certificate and CA file for oplog store and blockstore&quot; class=&quot;issue-link&quot; data-issue-key=&quot;DOCS-12152&quot;&gt;&lt;del&gt;DOCS-12152&lt;/del&gt;&lt;/a&gt;-add to v4.0&lt;/p&gt;

&lt;p&gt;(cherry picked from commit b98e1ae831128128827ac482cb4060f202ab86de)&lt;br/&gt;
Branch: v4.0&lt;br/&gt;
&lt;a href=&quot;https://github.com/10gen/mms-docs/commit/b88cc2f3c6462016f9b5654231faf7e528442c3b&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;https://github.com/10gen/mms-docs/commit/b88cc2f3c6462016f9b5654231faf7e528442c3b&lt;/a&gt;&lt;/p&gt;</comment>
                            <comment id="2234621" author="xgen-internal-githook" created="Sat, 4 May 2019 19:14:24 +0000"  >&lt;p&gt;Author:&lt;/p&gt;
{&apos;name&apos;: &apos;Anthony Sansone&apos;, &apos;username&apos;: &apos;atsansone&apos;, &apos;email&apos;: &apos;tony.sansone@mongodb.com&apos;}
&lt;p&gt;Message: (&lt;a href=&quot;https://jira.mongodb.org/browse/DOCS-12679&quot; title=&quot;Backport DOCS-12152 Add to v4.1&quot; class=&quot;issue-link&quot; data-issue-key=&quot;DOCS-12679&quot;&gt;&lt;del&gt;DOCS-12679&lt;/del&gt;&lt;/a&gt;): Backport &lt;a href=&quot;https://jira.mongodb.org/browse/DOCS-12152&quot; title=&quot;Clarify how to configure client certificate and CA file for oplog store and blockstore&quot; class=&quot;issue-link&quot; data-issue-key=&quot;DOCS-12152&quot;&gt;&lt;del&gt;DOCS-12152&lt;/del&gt;&lt;/a&gt;-add to v4.1&lt;/p&gt;

&lt;p&gt;(cherry picked from commit b98e1ae831128128827ac482cb4060f202ab86de)&lt;br/&gt;
Branch: v4.1&lt;br/&gt;
&lt;a href=&quot;https://github.com/10gen/mms-docs/commit/89bd7fe6b33c5fe7ce1696dd08bc1ea3d1f404aa&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;https://github.com/10gen/mms-docs/commit/89bd7fe6b33c5fe7ce1696dd08bc1ea3d1f404aa&lt;/a&gt;&lt;/p&gt;</comment>
                            <comment id="2234609" author="xgen-internal-githook" created="Sat, 4 May 2019 18:25:32 +0000"  >&lt;p&gt;Author:&lt;/p&gt;
{&apos;name&apos;: &apos;Anthony Sansone&apos;, &apos;username&apos;: &apos;atsansone&apos;, &apos;email&apos;: &apos;tony.sansone@mongodb.com&apos;}
&lt;p&gt;Message: (&lt;a href=&quot;https://jira.mongodb.org/browse/DOCS-12152&quot; title=&quot;Clarify how to configure client certificate and CA file for oplog store and blockstore&quot; class=&quot;issue-link&quot; data-issue-key=&quot;DOCS-12152&quot;&gt;&lt;del&gt;DOCS-12152&lt;/del&gt;&lt;/a&gt;): Added TLS info to backing database pages.&lt;br/&gt;
Branch: master&lt;br/&gt;
&lt;a href=&quot;https://github.com/10gen/mms-docs/commit/077824a581d337190019ff3ef8190de94e5dad9b&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;https://github.com/10gen/mms-docs/commit/077824a581d337190019ff3ef8190de94e5dad9b&lt;/a&gt;&lt;/p&gt;</comment>
                            <comment id="2131773" author="emilio.scalise" created="Wed, 30 Jan 2019 10:40:14 +0000"  >&lt;p&gt;I am reopening this case because while the &lt;a href=&quot;https://docs.opsmanager.mongodb.com/current/tutorial/configure-ssl-connection-to-backing-mongodb/&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;Configure the Connections to the Backing MongoDB Instances&lt;/a&gt; page clarifies that the mongo.ssl.* configuration settings will apply to all the connection to all the backing databases, this is not mentioned in the &lt;a href=&quot;https://docs.opsmanager.mongodb.com/current/reference/configuration/#ssl-connection-to-the-application-database&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;Ops Manager configuration reference page&lt;/a&gt;.&lt;/p&gt;

&lt;p&gt;Additionally, this should be clearly mentioned in the following pages for the blockstore db, s3 blockstore and oplog db configuration docs pages:&lt;/p&gt;

&lt;p&gt;&lt;a href=&quot;https://docs.opsmanager.mongodb.com/current/tutorial/manage-blockstore-storage/#provide-the-blockstore-details&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;https://docs.opsmanager.mongodb.com/current/tutorial/manage-blockstore-storage/#provide-the-blockstore-details&lt;/a&gt;&lt;br/&gt;
&lt;a href=&quot;https://docs.opsmanager.mongodb.com/current/tutorial/manage-s3-blockstore-storage/#provide-the-s3-blockstore-details&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;https://docs.opsmanager.mongodb.com/current/tutorial/manage-s3-blockstore-storage/#provide-the-s3-blockstore-details&lt;/a&gt;&lt;br/&gt;
&lt;a href=&quot;https://docs.opsmanager.mongodb.com/current/tutorial/manage-oplog-storage/#in-the-mongodb-connection-column-update-any-values-that-need-to-be-changed-in-the-following-fields&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;https://docs.opsmanager.mongodb.com/current/tutorial/manage-oplog-storage/#in-the-mongodb-connection-column-update-any-values-that-need-to-be-changed-in-the-following-fields&lt;/a&gt;&lt;/p&gt;</comment>
                            <comment id="2067425" author="xgen-internal-githook" created="Tue, 20 Nov 2018 04:33:46 +0000"  >&lt;p&gt;Author:&lt;/p&gt;
{&apos;name&apos;: &apos;Anthony Sansone&apos;, &apos;email&apos;: &apos;tony.sansone@mongodb.com&apos;, &apos;username&apos;: &apos;atsansone&apos;}
&lt;p&gt;Message: (&lt;a href=&quot;https://jira.mongodb.org/browse/DOCS-12152&quot; title=&quot;Clarify how to configure client certificate and CA file for oplog store and blockstore&quot; class=&quot;issue-link&quot; data-issue-key=&quot;DOCS-12152&quot;&gt;&lt;del&gt;DOCS-12152&lt;/del&gt;&lt;/a&gt;-v4.0): Updated SSL information.&lt;br/&gt;
Branch: v4.0&lt;br/&gt;
&lt;a href=&quot;https://github.com/10gen/mms-docs/commit/7f83a999d8aae31dfbd8edd13584a87e05cc98fb&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;https://github.com/10gen/mms-docs/commit/7f83a999d8aae31dfbd8edd13584a87e05cc98fb&lt;/a&gt;&lt;/p&gt;</comment>
                            <comment id="2067130" author="xgen-internal-githook" created="Mon, 19 Nov 2018 22:03:34 +0000"  >&lt;p&gt;Author:&lt;/p&gt;
{&apos;name&apos;: &apos;Anthony Sansone&apos;, &apos;email&apos;: &apos;tony.sansone@mongodb.com&apos;, &apos;username&apos;: &apos;atsansone&apos;}
&lt;p&gt;Message: (&lt;a href=&quot;https://jira.mongodb.org/browse/DOCS-12152&quot; title=&quot;Clarify how to configure client certificate and CA file for oplog store and blockstore&quot; class=&quot;issue-link&quot; data-issue-key=&quot;DOCS-12152&quot;&gt;&lt;del&gt;DOCS-12152&lt;/del&gt;&lt;/a&gt;): Updated SSL information.&lt;br/&gt;
Branch: master&lt;br/&gt;
&lt;a href=&quot;https://github.com/10gen/mms-docs/commit/748955d7f6a26c6010ada1d032d85236e2a2cd8b&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;https://github.com/10gen/mms-docs/commit/748955d7f6a26c6010ada1d032d85236e2a2cd8b&lt;/a&gt;&lt;/p&gt;</comment>
                            <comment id="2038883" author="john.morales@10gen.com" created="Tue, 23 Oct 2018 13:12:39 +0000"  >&lt;p&gt;Confirmed, both of &lt;a href=&quot;https://jira.mongodb.org/secure/ViewProfile.jspa?name=dmitry.ryabtsev&quot; class=&quot;user-hover&quot; rel=&quot;dmitry.ryabtsev&quot;&gt;dmitry.ryabtsev&lt;/a&gt;&apos;s points are correct:&lt;/p&gt;
&lt;ul&gt;
	&lt;li&gt;SSL needs to be enabled for the Application Database and that mongodb.ssl.CAFile, mongodb.ssl.PEMKeyFile and mongodb.ssl.PEMKeyFilePassword from conf-mms.properties will be used for the oplog store.&lt;/li&gt;
	&lt;li&gt;It is not possible to use a different set of certificates for blockstore/oplog store than those that are used for the App DB.&lt;/li&gt;
&lt;/ul&gt;
</comment>
                            <comment id="2037331" author="isabel.peters" created="Mon, 22 Oct 2018 14:03:56 +0000"  >&lt;p&gt;delegating to brs team. &lt;a href=&quot;https://jira.mongodb.org/secure/ViewProfile.jspa?name=john.morales&quot; class=&quot;user-hover&quot; rel=&quot;john.morales&quot;&gt;john.morales&lt;/a&gt;&lt;/p&gt;</comment>
                            <comment id="2037054" author="tony.sansone" created="Mon, 22 Oct 2018 04:13:37 +0000"  >&lt;p&gt;&lt;a href=&quot;https://jira.mongodb.org/secure/ViewProfile.jspa?name=isabel.peters&quot; class=&quot;user-hover&quot; rel=&quot;isabel.peters&quot;&gt;isabel.peters&lt;/a&gt;: Can you confirm that the SSL settings in the &lt;tt&gt;conf-mms.properties&lt;/tt&gt; are the only place to set SSL for the blockstore and oplog store?&lt;/p&gt;</comment>
                    </comments>
                    <attachments>
                            <attachment id="198971" name="check_box.png" size="51156" author="dmitry.ryabtsev@mongodb.com" created="Fri, 19 Oct 2018 05:46:38 +0000"/>
                    </attachments>
                <subtasks>
                            <subtask id="758334">DOCS-12679</subtask>
                            <subtask id="758335">DOCS-12680</subtask>
                    </subtasks>
                <customfields>
                                                <customfield id="customfield_10050" key="com.atlassian.jira.toolkit:comments">
                        <customfieldname># Replies</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>9.0</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                <customfield id="customfield_13552" key="com.go2group.jira.plugin.crm:crm_generic_field">
                        <customfieldname>Case</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue><![CDATA[[500A000000cEllJIAS]]]></customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                            <customfield id="customfield_10055" key="com.atlassian.jira.ext.charting:firstresponsedate">
                        <customfieldname>Date of 1st Reply</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>Mon, 22 Oct 2018 04:13:37 +0000</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10052" key="com.atlassian.jira.toolkit:dayslastcommented">
                        <customfieldname>Days since reply</customfieldname>
                        <customfieldvalues>
                                        4 years, 40 weeks, 4 days ago
    
                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_18254" key="com.onresolve.jira.groovy.groovyrunner:scripted-field">
                        <customfieldname>Dependencies</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue><![CDATA[]]></customfieldvalue>


                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_15850" key="com.atlassian.jira.plugins.jira-development-integration-plugin:devsummary">
                        <customfieldname>Development</customfieldname>
                        <customfieldvalues>
                            
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                            <customfield id="customfield_10857" key="com.pyxis.greenhopper.jira:gh-epic-link">
                        <customfieldname>Epic Link</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>DOCSP-1743</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            <customfield id="customfield_10057" key="com.atlassian.jira.toolkit:lastusercommented">
                        <customfieldname>Last comment by Customer</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>true</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10056" key="com.atlassian.jira.toolkit:lastupdaterorcommenter">
                        <customfieldname>Last commenter</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>luke.bonanomi@mongodb.com</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_11151" key="com.atlassian.jira.toolkit:LastCommentDate">
                        <customfieldname>Last public comment date</customfieldname>
                        <customfieldvalues>
                            4 years, 40 weeks, 4 days ago
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                            <customfield id="customfield_10051" key="com.atlassian.jira.toolkit:participants">
                        <customfieldname>Participants</customfieldname>
                        <customfieldvalues>
                                        <customfieldvalue>tony.sansone@mongodb.com</customfieldvalue>
            <customfieldvalue>dmitry.ryabtsev@mongodb.com</customfieldvalue>
            <customfieldvalue>emilio.scalise@mongodb.com</customfieldvalue>
            <customfieldvalue>xgen-internal-githook</customfieldvalue>
            <customfieldvalue>isabel.peters@mongodb.com</customfieldvalue>
            <customfieldvalue>john.morales@mongodb.com</customfieldvalue>
    
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                        <customfield id="customfield_14254" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>Product Rank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>1|huasan:</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                <customfield id="customfield_12550" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>Rank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>2|hrbybr:</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10558" key="com.pyxis.greenhopper.jira:gh-global-rank">
                        <customfieldname>Rank (Obsolete)</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>9223372036854775807</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                    <customfield id="customfield_10557" key="com.pyxis.greenhopper.jira:gh-sprint">
                        <customfieldname>Sprint</customfieldname>
                        <customfieldvalues>
                                <customfieldvalue id="1324">KANBAN BUCKET</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                        <customfield id="customfield_10555" key="com.atlassian.jira.plugin.system.customfieldtypes:float">
                        <customfieldname>Story Points</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>0.2</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                <customfield id="customfield_10053" key="com.atlassian.jira.ext.charting:timeinstatus">
                        <customfieldname>Time In Status</customfieldname>
                        <customfieldvalues>
                            
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            <customfield id="customfield_14350" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>serverRank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>1|huaejz:</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                </customfields>
    </item>
</channel>
</rss>