File tree Expand file tree Collapse file tree 2 files changed +26
-0
lines changed Expand file tree Collapse file tree 2 files changed +26
-0
lines changed Original file line number Diff line number Diff line change @@ -164,6 +164,16 @@ participate in :term:`elections <election>`.
164164 Do not run arbiter processes on a system that is an active
165165 :term:`primary` or :term:`secondary` of its replica set.
166166
167+ You must run arbiters only on secure networks. While arbiters do not
168+ hold database content, they do hold replica-set configuration data,
169+ which always should be protected. Arbiters use encryption only when
170+ creating a connection with another replica-set member. All other
171+ communications are unencrypted.
172+
173+ .. warning::
174+
175+ Never run an arbiter on a non-secure network.
176+
167177.. index:: replica set members; non-voting
168178.. _replica-set-non-voting-members:
169179
Original file line number Diff line number Diff line change @@ -181,6 +181,22 @@ primary.
181181
182182.. seealso:: :doc:`/administration/replication-architectures`
183183
184+ Do arbiters use encrypted communication?
185+ ----------------------------------------
186+
187+ Arbiters use encryption only when creating a connection with another
188+ replica-set member. All other communications are unencrypted.
189+
190+ The following rules govern arbiter communications:
191+
192+ - An arbiter is authenticated when a connection is created between it
193+ and another member of the replica set. The arbiter is then trusted
194+ until the connection ends.
195+
196+ - Replica set configuration data and voting are unencrypted.
197+
198+ You must always run arbiters on secure networks.
199+
184200Which members of a replica set vote in elections?
185201-------------------------------------------------
186202
You can’t perform that action at this time.
0 commit comments