<!-- 
RSS generated by JIRA (9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66) at Thu Feb 08 08:34:03 UTC 2024

It is possible to restrict the fields that are returned in this document by specifying the 'field' parameter in your request.
For example, to request only the issue key and summary append 'field=key&field=summary' to the URL of your request.
-->
<rss version="0.92" >
<channel>
    <title>MongoDB Jira</title>
    <link>https://jira.mongodb.org</link>
    <description>This file is an XML representation of an issue</description>
    <language>en-us</language>    <build-info>
        <version>9.7.1</version>
        <build-number>970001</build-number>
        <build-date>13-04-2023</build-date>
    </build-info>


<item>
            <title>[GODRIVER-366] Use certificate store for certificate lookup</title>
                <link>https://jira.mongodb.org/browse/GODRIVER-366</link>
                <project id="14289" key="GODRIVER">Go Driver</project>
                    <description>&lt;p&gt;On Mac OS X, the server allows users to look up a certificate from the certificate store rather than from a PEM file.  We should provide a similar capability &amp;#8211; or at least the ability to provide such a cert via an option, as the tools project will need that to match the server and we&apos;d like to avoid needing a custom dialer once we switch to the Go driver.&lt;/p&gt;</description>
                <environment></environment>
        <key id="528054">GODRIVER-366</key>
            <summary>Use certificate store for certificate lookup</summary>
                <type id="4" iconUrl="https://jira.mongodb.org/secure/viewavatar?size=xsmall&amp;avatarId=14710&amp;avatarType=issuetype">Improvement</type>
                                            <priority id="4" iconUrl="https://jira.mongodb.org/images/icons/priorities/minor.svg">Minor - P4</priority>
                        <status id="6" iconUrl="https://jira.mongodb.org/images/icons/statuses/closed.png" description="The issue is considered finished, the resolution is correct. Issues which are closed can be reopened.">Closed</status>
                    <statusCategory id="3" key="done" colorName="success"/>
                                    <resolution id="12300">Won&apos;t Do</resolution>
                                        <assignee username="-1">Unassigned</assignee>
                                    <reporter username="greg.mckeon@mongodb.com">Gregory McKeon</reporter>
                        <labels>
                    </labels>
                <created>Mon, 16 Apr 2018 16:00:39 +0000</created>
                <updated>Fri, 24 Jul 2020 20:14:19 +0000</updated>
                            <resolved>Fri, 24 Jul 2020 20:14:19 +0000</resolved>
                                                                    <component>Options &amp;amp; Configuration</component>
                                        <votes>0</votes>
                                    <watches>3</watches>
                                                                                                                <comments>
                            <comment id="1879204" author="david.golden" created="Tue, 1 May 2018 16:37:27 +0000"  >&lt;p&gt;As the server has moved to using native TLS on OS X (Secure Transport), it has added command line options to let users select keys from the user/system keychain certificate store.  Because the command line tools try to match server command line options for configuration, the server tools will likely provide a similar capability.&lt;/p&gt;

&lt;p&gt;The driver currently only supports providing &lt;tt&gt;SSLClientCertificateKeyFile&lt;/tt&gt; and &lt;tt&gt;SSLClientCertificateKeyPassword&lt;/tt&gt; options and is oblivious to the keychain certificate store.&lt;/p&gt;

&lt;p&gt;If the driver implements the ability to get certs/keys from the certificate store, then the tools can delegate this work to the driver.  If the driver does not implement this capability, then the tools will have to implement both the capability and a custom TLS dialer to user such certificates/keys.&lt;/p&gt;

&lt;p&gt;As a middle ground, if the driver allows certs/keys to be provided in byte form rather than a file name, the tools can implement the cert store lookup and the driver can consume the resulting bytes.   (That doesn&apos;t change the amount of code to be written &amp;#8211; it only partitions this ticket across two projects.)&lt;/p&gt;</comment>
                    </comments>
                    <attachments>
                    </attachments>
                <subtasks>
                    </subtasks>
                <customfields>
                                                                                                                                                                                                                                                                                                                                                                    <customfield id="customfield_15850" key="com.atlassian.jira.plugins.jira-development-integration-plugin:devsummary">
                        <customfieldname>Development</customfieldname>
                        <customfieldvalues>
                            
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    <customfield id="customfield_12550" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>Rank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>2|htmk8f:</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10558" key="com.pyxis.greenhopper.jira:gh-global-rank">
                        <customfieldname>Rank (Obsolete)</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>9223372036854775807</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            </customfields>
    </item>
</channel>
</rss>