kmip certificate selector

Author: skerschb

source/includes/options-conf.yaml

@@ -650,6 +650,30 @@ inherit:
   file: options-mongod.yaml
 ---
 program: conf
+name: net.ssl.certificateSelector
+type: string
+directive: setting
+replacement:
+  program: ":binary:`~bin.mongos` or :binary:`~bin.mongod`"
+  directive: "setting"
+inherit:
+  name: sslCertificateSelector
+  program: mongod
+  file: options-mongod.yaml
+---
+program: conf
+name: net.ssl.clusterCertificateSelector
+type: string
+directive: setting
+replacement:
+  program: ":binary:`~bin.mongos` or :binary:`~bin.mongod`"
+  directive: "setting"
+inherit:
+  name: sslClusterCertificateSelector
+  program: mongod
+  file: options-mongod.yaml
+---
+program: conf
 name: net.ssl.PEMKeyFile
 type: string
 directive: setting
@@ -1747,6 +1771,25 @@ description: |
 
 ---
 program: conf
+name: security.kmip.clientCertificateSelector
+directive: setting
+type:  string
+description: |
+
+  .. versionadded:: 4.0
+
+  Specifies the selector and value to search when using Windows or 
+  macOS system certificate store mechanisms for client certificates.
+  
+  This option must be followed by a key value pair indicated by
+  <parameter>=<value>. In this case, <parameter> is the name of the
+  selector.
+
+  .. include:: /includes/option-ssl-certificateSelector.rst
+
+  .. include:: /includes/fact-enterprise-only-admonition.rst
+---
+program: conf
 name: security.kmip.keyIdentifier
 directive: setting
 type:  string

source/reference/configuration-options.txt

@@ -477,6 +477,8 @@ Key Management Configuration Options
 
 .. include:: /includes/option/setting-conf-security.kmip.clientCertificatePassword.rst
 
+.. include:: /includes/option/setting-conf-security.kmmip.clientCertificateSelector.rst
+
 .. include:: /includes/option/setting-conf-security.kmip.serverCAFile.rst
 
 ``security.sasl`` Options

source/reference/program/mongod.txt

@@ -344,6 +344,8 @@ Encryption Key Management Options
 
 .. include:: /includes/option/option-mongod-kmipClientCertificatePassword.rst
 
+.. include:: /includes/option/option-mongod-kmipClientCertificateSelector.rst
+
 .. include:: /includes/option/option-mongod-kmipServerCAFile.rst
 
 Text Search Options

source/tutorial/configure-ssl-clients.txt

@@ -56,13 +56,17 @@ settings, including:
 .. versionadded:: 4.0
 
 - :option:`--sslCertificateSelector <mongo --sslCertificateSelector>` option if you
-  wish to use the system store for clients running on Mac or Windows.
+  wish to use the system store for clients running on macOS or Windows.
+
+.. include:: /includes/extracts/mongo-ssl-options-configure.rst
+
+.. include:: /includes/extracts/clients-warning-sslCAFile.rst
 
 For a complete list of the :binary:`~bin.mongo` shell's TLS/SSL settings, see
 :ref:`mongo-shell-ssl`.
 
-Using System Stores for Storing Keys and Certificates for Mac and Windows
-~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+Using System Stores for Storing Keys and Certificates for macOS and Windows
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 .. include:: /includes/ssl-trusted-store.rst
 

source/tutorial/configure-ssl.txt

@@ -112,7 +112,7 @@ Procedures
 
 .. versionadded:: 4.0
 
-Using System Stores for Storing Keys and Certificates for Mac and Windows
+Using System Stores for Storing Keys and Certificates for macOS and Windows
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 .. include:: /includes/ssl-trusted-store.rst