Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(NODE-5287): deprecate ssl options #3743

Merged
merged 1 commit into from Jun 27, 2023
Merged

feat(NODE-5287): deprecate ssl options #3743

merged 1 commit into from Jun 27, 2023

Conversation

durran
Copy link
Member

@durran durran commented Jun 27, 2023
edited by dariakp

Description

Deprecates duplicate SSL options in favour of spec compliant TLS options.

What is changing?

Deprecates:

  • sslCA
  • sslCRL
  • sslCert
  • sslKey
  • sslPass
  • sslValidate
  • tlsCertificateFile
Is there new documentation needed for these changes?

None

What is the motivation for this change?

NODE-5287

Legacy SSL options deprecated

In an effort to simplify TLS setup and use with the driver we're paring down the number of custom options to the ones that are common to all drivers. This should reduce inadvertent misconfiguration due to conflicting options.

The legacy "ssl-" options have been deprecated, each has a corresponding "tls-" option listed in the table below (except for sslCRL, you may directly use the Node.js crl option instead). tlsCertificateFile has also been deprecated, please use tlsCertificateKeyFile or pass the cert directly to the MongoClient constructor.

In addition to the common driver options, the Node.js driver also passes through Node.js TLS options provided on the MongoClient to Node.js' tls.connect API, which may be convenient to reuse with other Node.js APIs.

Node.js native option MongoDB driver option name legacy option name driver option type
ca tlsCAFile sslCA string
crl N/A sslCRL string
cert tlsCertificateKeyFile sslCert string
key tlsCertificateKeyFile sslKey string
passphrase tlsCertificateKeyFilePassword sslPass string
rejectUnauthorized tlsAllowInvalidCertificates sslValidate boolean

Double check the following

  • Ran npm run check:lint script
  • Self-review completed using the steps outlined here
  • PR title follows the correct format: type(NODE-xxxx)[!]: description
    • Example: feat(NODE-1234)!: rewriting everything in coffeescript
  • Changes are covered by tests
  • New TODOs have a related JIRA ticket

@durran durran marked this pull request as ready for review June 27, 2023 13:20
@W-A-James W-A-James self-assigned this Jun 27, 2023
@W-A-James W-A-James added the Primary Review In Review with primary reviewer, not yet ready for team's eyes label Jun 27, 2023
@W-A-James W-A-James self-requested a review June 27, 2023 13:46
@W-A-James W-A-James merged commit f9b5677 into main Jun 27, 2023
24 of 26 checks passed
@W-A-James W-A-James deleted the NODE-5287 branch June 27, 2023 14:45
@github-actions github-actions bot mentioned this pull request Jun 27, 2023
Merged
malikj2000 pushed a commit that referenced this pull request Jun 29, 2023
@durran @malikj2000
feat(NODE-5287): deprecate ssl options (#3743)
94dd36e
This was referenced Aug 21, 2023
Merged
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@W-A-James W-A-James W-A-James approved these changes

Assignees

@W-A-James W-A-James

Labels
Primary Review In Review with primary reviewer, not yet ready for team's eyes
Projects
None yet
Milestone
No milestone
2 participants
@durran @W-A-James