In MongoDB 3.0 there is now an option for SSL connections to allow invalid certificates. By default, they are not allowed and the connection will fail. In ADS v17 we should just allow invalid certificates as is done in jTDS. See MongoDriver : Line 263.
jTDS uses : TdsTlsSocketFactory
http://grepcode.com/file/repo1.maven.org/maven2/net.sourceforge.jtds/jtds/1.3.1/net/sourceforge/jtds/ssl/SocketFactories.java#SocketFactories.TdsTlsSocketFactory
PostgreSQL uses : org.postgresql.ssl.NonValidatingFactory
http://grepcode.com/file/repo1.maven.org/maven2/postgresql/postgresql/9.1-901.jdbc4/org/postgresql/ssl/NonValidatingFactory.java#NonValidatingFactory
In this documentation : https://docs.mongodb.org/manual/tutorial/configure-ssl-clients/ ... I see this "Changed in version 3.0: When running mongo with the --ssl option, you must include either --sslCAFile or --sslAllowInvalidCertificates.".
I have implemented support for the sslAllowInvalidCertificates
JDBC driver property.
Issue #13855 |
Closed |
Fixed |
Resolved |
Completion |
No due date |
Fixed Build ADS 17.0.0-rc-37, mongo-jdbc 1.4.7.9, 2.4.7.9 |
No time estimate |
I have implemented support for the
sslAllowInvalidCertificates
JDBC driver property.