We need to do encryption in transit in mongodb so which one is recommended ssl or tsl ? and what is the difference between ssl and tls? [closed]

Posted on

Question :

We are using MongoDB 4.0 community version with 1 primary 2 secondary replicaset, we need to do encryption in transit so which one is recommended ssl or tsl ? and what is the difference between ssl and tls ?

Answer :

TLS (Transport Layer Security) is the successor to the now deprecated SSL (Secure Sockets Layer). Early versions of TLS included some backward compatibility with SSL, but modern security protocols are now fully TLS. Older versions of SSL (and TLS) have known weaknesses and are not recommended (and often no longer supported).

The mongod and mongos configuration files have a net.ssl.disabledProtocols configuration option to disallow usage of some protocol versions for improved security. Starting in version 4.0, MongoDB disables the use of TLS 1.0 if TLS 1.1+ is available on the system.

The two protocols are often described as TLS/SSL since SSL is the older (and typically more familiar) reference.

MongoDB configuration parameters for TLS/SSL in MongoDB 4.0 include SSL in the name for historical reasons, but starting from MongoDB 4.2 there are new TLS options (which are renamed equivalents of the older SSL options) to provide clarity that the protocol is in fact TLS.

Leave a Reply

Your email address will not be published. Required fields are marked *