Uploaded image for project: 'Compass '
  1. Compass
  2. COMPASS-4599

Convert X509 authentication SSL/TLS settings to the most secure option when possible

XMLWordPrintableJSON

    • Type: Icon: Task Task
    • Resolution: Won't Do
    • Priority: Icon: Major - P3 Major - P3
    • No version
    • Affects Version/s: None
    • Component/s: Connectivity, Security
    • None
    • 2
    • Not Needed

      The current "backward compatible" conversion from connection model to connection info will add insecure options to the connection string.

      When safe and possible we want to convert to a more secure connection string, for example with Atlas we know that we can remove tlsAllowInvalidCertificates=true and tlsAllowInvalidHostnames=true and we do not need a CA and "client private key"

            Assignee:
            Unassigned Unassigned
            Reporter:
            maurizio.casimirri@mongodb.com Maurizio Casimirri
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Created:
              Updated:
              Resolved: