Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-52945

[auth] Make mongod use x509 auth on egress connections if NetworkInterface has SSLConnectionContext override even if other egress connections use keyFile auth

    • Fully Compatible
    • Security 2020-11-30, Security 2020-12-14

      In serverless, the replica sets will use keyFile auth on outgoing connections to each other, but will use x509 auth to authenticate external clients.

      When a donor and recipient replica set talk to each other, they will authenticate to each other as external clients, so need to use x509 auth on their outgoing connections to each other even though they will continue to use keyFile auth on their outgoing connections to their own replica set members.

      Mongod does not currently support using a mix of keyFile and x509 auth on outgoing connections; this ticket is to add this support.

            Assignee:
            mark.benvenuto@mongodb.com Mark Benvenuto
            Reporter:
            esha.maharishi@mongodb.com Esha Maharishi (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            6 Start watching this issue

              Created:
              Updated:
              Resolved: