<!-- 
RSS generated by JIRA (9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66) at Thu Feb 08 08:15:45 UTC 2024

It is possible to restrict the fields that are returned in this document by specifying the 'field' parameter in your request.
For example, to request only the issue key and summary append 'field=key&field=summary' to the URL of your request.
-->
<rss version="0.92" >
<channel>
    <title>MongoDB Jira</title>
    <link>https://jira.mongodb.org</link>
    <description>This file is an XML representation of an issue</description>
    <language>en-us</language>    <build-info>
        <version>9.7.1</version>
        <build-number>970001</build-number>
        <build-date>13-04-2023</build-date>
    </build-info>


<item>
            <title>[DOCS-16619] [Server] Clarify scope of parameters allowInvalidCertificates and allowInvalidHostnames</title>
                <link>https://jira.mongodb.org/browse/DOCS-16619</link>
                <project id="10380" key="DOCS">Documentation</project>
                    <description>&lt;p&gt;According to my understanding parameters &lt;tt&gt;net.tls.allowInvalidCertificates&lt;/tt&gt;&#160; and &lt;tt&gt;net.tls.allowInvalidHostnames&lt;/tt&gt; are used for replicat set / sharded cluster internal connections. This is not fully clear in the documentation.&lt;/p&gt;

&lt;p&gt;&#160;&lt;/p&gt;
&lt;h2&gt;&lt;a name=&quot;Fornet.tls.allowInvalidHostnameshttps%3A%2F%2Fwww.mongodb.com%2Fdocs%2Fmanual%2Freference%2Fconfigurationoptions%2F%23mongodbsettingnet.tls.allowInvalidCertificatesIsuggestfollowing%3A&quot;&gt;&lt;/a&gt;For &lt;a href=&quot;https://www.mongodb.com/docs/manual/reference/configuration-options/#mongodb-setting-net.tls.allowInvalidCertificates&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;net.tls.allowInvalidHostnames&lt;/a&gt; I suggest following:&lt;/h2&gt;
&lt;blockquote&gt;&lt;p&gt;When &lt;tt&gt;net.tls.allowInvalidHostnames&lt;/tt&gt; is true, MongoDB disables the validation of the hostnames in TLS certificates, allowing &lt;a href=&quot;https://www.mongodb.com/docs/manual/reference/program/mongod/#mongodb-binary-bin.mongod&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;mongod&lt;/a&gt; or &lt;a href=&quot;https://www.mongodb.com/docs/manual/reference/program/mongos/#mongodb-binary-bin.mongos&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;mongos&lt;/a&gt; to connect to other servers in the cluster if the hostname of their certificates do not match the specified hostname.&lt;/p&gt;


&lt;p&gt;For more information about TLS and MongoDB, see &lt;a href=&quot;https://www.mongodb.com/docs/manual/tutorial/configure-ssl/&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;Configure &lt;tt&gt;mongod&lt;/tt&gt; and &lt;tt&gt;mongos&lt;/tt&gt; for TLS/SSL&lt;/a&gt;&lt;/p&gt;&lt;/blockquote&gt;
&lt;p&gt;A link to &lt;a href=&quot;https://www.mongodb.com/docs/manual/tutorial/configure-ssl-clients/&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;TLS/SSL Configuration for Clients&lt;/a&gt; is confusing because this parameter has no effect on client connections.&lt;/p&gt;

&lt;p&gt;&#160;&lt;/p&gt;
&lt;h2&gt;&lt;a name=&quot;Fornet.tls.allowInvalidCertificateshttps%3A%2F%2Fwww.mongodb.com%2Fdocs%2Fmanual%2Freference%2Fconfigurationoptions%2F%23mongodbsettingnet.tls.allowInvalidCertificatesIsuggestfollowing%3A&quot;&gt;&lt;/a&gt;For &lt;a href=&quot;https://www.mongodb.com/docs/manual/reference/configuration-options/#mongodb-setting-net.tls.allowInvalidCertificates&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;net.tls.allowInvalidCertificates&lt;/a&gt; I suggest following:&lt;/h2&gt;
&lt;blockquote&gt;&lt;p&gt; &lt;span class=&quot;error&quot;&gt;&amp;#91;...&amp;#93;&lt;/span&gt;&lt;br/&gt;
&lt;b&gt;Note:&lt;/b&gt;&lt;br/&gt;
If you specify &lt;tt&gt;--tlsAllowInvalidCertificates&lt;/tt&gt; or &lt;tt&gt;tls.allowInvalidCertificates: true&lt;/tt&gt; when using x.509 certificates for internal authentication an invalid certificate is only sufficient to establish a TLS connection but is &lt;em&gt;insufficient&lt;/em&gt; for authentication.&lt;/p&gt;

&lt;p&gt;When using the &lt;a href=&quot;https://www.mongodb.com/docs/manual/reference/configuration-options/#mongodb-setting-net.tls.allowInvalidCertificates&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;&lt;tt&gt;net.tls.allowInvalidCertificates&lt;/tt&gt;&lt;/a&gt; setting, MongoDB logs a warning regarding the use of the invalid certificate.&lt;/p&gt;

&lt;p&gt;For more information about TLS and MongoDB, see &lt;a href=&quot;https://www.mongodb.com/docs/manual/tutorial/configure-ssl/&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;Configure mongod and mongos&lt;/a&gt; and &lt;a href=&quot;https://www.mongodb.com/docs/manual/core/security-internal-authentication/#x.509&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;Internal/Membership Authentication with x.509&lt;/a&gt;&lt;/p&gt;&lt;/blockquote&gt;
&lt;p&gt;Again, a link to &lt;a href=&quot;https://www.mongodb.com/docs/manual/tutorial/configure-ssl-clients/&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;TLS/SSL Configuration for Clients&lt;/a&gt; is confusing because this parameter has no effect on client connections. And the existing documentation miss a clear indication that it is relevant in a replicat set / sharded cluster environment.&lt;/p&gt;</description>
                <environment></environment>
        <key id="2562296">DOCS-16619</key>
            <summary>[Server] Clarify scope of parameters allowInvalidCertificates and allowInvalidHostnames</summary>
                <type id="3" iconUrl="https://jira.mongodb.org/secure/viewavatar?size=xsmall&amp;avatarId=14718&amp;avatarType=issuetype">Task</type>
                                            <priority id="2" iconUrl="https://jira.mongodb.org/images/icons/priorities/critical.svg">Critical - P2</priority>
                        <status id="6" iconUrl="https://jira.mongodb.org/images/icons/statuses/closed.png" description="The issue is considered finished, the resolution is correct. Issues which are closed can be reopened.">Closed</status>
                    <statusCategory id="3" key="done" colorName="success"/>
                                    <resolution id="13201">Fixed</resolution>
                                        <assignee username="alison.huh@mongodb.com">Alison Huh</assignee>
                                    <reporter username="wernfried.domscheit@sunrise.net">Wernfried Domscheit</reporter>
                        <labels>
                            <label>request</label>
                            <label>top250</label>
                    </labels>
                <created>Wed, 31 Jan 2024 07:57:57 +0000</created>
                <updated>Mon, 5 Feb 2024 16:20:53 +0000</updated>
                            <resolved>Mon, 5 Feb 2024 15:18:11 +0000</resolved>
                                                    <fixVersion>Server_Docs_[20240205]</fixVersion>
                                    <component>manual</component>
                        <due></due>
                            <votes>0</votes>
                                    <watches>2</watches>
                                                                                                                    <issuelinks>
                            <issuelinktype id="10012">
                    <name>Related</name>
                                                                <inwardlinks description="is related to">
                                        <issuelink>
            <issuekey id="2560707">SERVER-85910</issuekey>
        </issuelink>
                            </inwardlinks>
                                    </issuelinktype>
                    </issuelinks>
                <attachments>
                    </attachments>
                <subtasks>
                    </subtasks>
                <customfields>
                                                <customfield id="customfield_10050" key="com.atlassian.jira.toolkit:comments">
                        <customfieldname># Replies</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>0.0</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                        <customfield id="customfield_14258" key="com.atlassian.jira.plugin.system.customfieldtypes:datepicker">
                        <customfieldname>Baseline start date</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>Wed, 31 Jan 2024 00:00:00 +0000</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                    <customfield id="customfield_10055" key="com.atlassian.jira.ext.charting:firstresponsedate">
                        <customfieldname>Date of 1st Reply</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>Fri, 2 Feb 2024 17:08:10 +0000</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10052" key="com.atlassian.jira.toolkit:dayslastcommented">
                        <customfieldname>Days since reply</customfieldname>
                        <customfieldvalues>
                                        1 week, 1 day ago
    
                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_18254" key="com.onresolve.jira.groovy.groovyrunner:scripted-field">
                        <customfieldname>Dependencies</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue><![CDATA[]]></customfieldvalue>


                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_15850" key="com.atlassian.jira.plugins.jira-development-integration-plugin:devsummary">
                        <customfieldname>Development</customfieldname>
                        <customfieldvalues>
                            
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    <customfield id="customfield_10057" key="com.atlassian.jira.toolkit:lastusercommented">
                        <customfieldname>Last comment by Customer</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>true</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10056" key="com.atlassian.jira.toolkit:lastupdaterorcommenter">
                        <customfieldname>Last commenter</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>emet.ozar@mongodb.com</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_11151" key="com.atlassian.jira.toolkit:LastCommentDate">
                        <customfieldname>Last public comment date</customfieldname>
                        <customfieldvalues>
                            1 week, 1 day ago
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                            <customfield id="customfield_10051" key="com.atlassian.jira.toolkit:participants">
                        <customfieldname>Participants</customfieldname>
                        <customfieldvalues>
                                        <customfieldvalue>alison.huh@mongodb.com</customfieldvalue>
            <customfieldvalue>wernfried.domscheit@sunrise.net</customfieldvalue>
    
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                        <customfield id="customfield_14254" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>Product Rank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>1|i3b1ev:</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                <customfield id="customfield_12550" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>Rank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>2|i2sodw:</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10558" key="com.pyxis.greenhopper.jira:gh-global-rank">
                        <customfieldname>Rank (Obsolete)</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>9223372036854775807</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                        <customfield id="customfield_10555" key="com.atlassian.jira.plugin.system.customfieldtypes:float">
                        <customfieldname>Story Points</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>1.0</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                <customfield id="customfield_10053" key="com.atlassian.jira.ext.charting:timeinstatus">
                        <customfieldname>Time In Status</customfieldname>
                        <customfieldvalues>
                            
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        <customfield id="customfield_12054" key="com.atlassian.jira.plugin.system.customfieldtypes:textarea">
                        <customfieldname>URL(s)</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>&lt;a href=&quot;https://www.mongodb.com/docs/manual/reference/configuration-options/&quot;&gt;https://www.mongodb.com/docs/manual/reference/configuration-options/&lt;/a&gt;</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                        <customfield id="customfield_14350" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>serverRank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>1|i3ank7:</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_23672" key="com.atlassian.jira.plugin.system.customfieldtypes:textfield">
                        <customfieldname>siteRank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>35</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                    </customfields>
    </item>
</channel>
</rss>