-
Type: Task
-
Resolution: Fixed
-
Priority: Major - P3
-
Affects Version/s: None
-
Component/s: Replication
-
Fully Compatible
-
Security 2020-11-30, Security 2020-12-14
In serverless, the replica sets will use keyFile auth on outgoing connections to each other, but will use x509 auth to authenticate external clients.
When a donor and recipient replica set talk to each other, they will authenticate to each other as external clients, so need to use x509 auth on their outgoing connections to each other even though they will continue to use keyFile auth on their outgoing connections to their own replica set members.
Mongod does not currently support using a mix of keyFile and x509 auth on outgoing connections; this ticket is to add this support.