DOCS-4903

Author: Michael Paik

source/administration/production-notes.txt

@@ -482,8 +482,8 @@ For all MongoDB deployments:
 - Use the Network Time Protocol (NTP) to synchronize time among
   your hosts. This is especially important in sharded clusters.
 
-SSL Libraries
-`````````````
+MongoDB and SSL Libraries
+`````````````````````````
 
 On Linux platforms, you may observe one of the following statements in
 the MongoDB log:

source/includes/fact-ssl-supported.rst

@@ -1,4 +1,5 @@
-The `default distribution of MongoDB <http://www.mongodb.org/downloads>`_
-does **not** contain support for SSL. To use SSL you can either compile
-MongoDB with SSL support or use |ent-build|. See
-:doc:`/tutorial/configure-ssl` for more information about SSL and MongoDB.
+.. versionchanged:: 3.0
+
+   Most MongoDB distributions now include support for SSL. See
+   :doc:`/tutorial/configure-ssl` for more information about SSL and
+   MongoDB.

source/includes/note-fips-is-enterprise-only.rst

@@ -1,4 +1,4 @@
-.. note:: FIPS Compatible SSL is
+.. note:: FIPS-compatible SSL is
    available only in `MongoDB Enterprise
    <http://www.mongodb.com/products/mongodb-enterprise>`_. See
    :doc:`/tutorial/configure-fips` for more information.

source/includes/options-mongo.yaml

@@ -209,8 +209,7 @@ description: |
   Enables connection to a :program:`mongod` or :program:`mongos` that has
   SSL support enabled.
 
-  The default distribution of MongoDB does not contain support for SSL.
-  For more information on MongoDB and SSL, see :doc:`/tutorial/configure-ssl`.
+  .. include:: /includes/fact-ssl-supported.rst
 optional: true
 ---
 program: mongo
@@ -229,8 +228,7 @@ description: |
   :setting:`~net.ssl.CAFile` enabled *without*
   :setting:`~net.ssl.allowConnectionsWithoutCertificates`.
 
-  The default distribution of MongoDB does not contain support for SSL.
-  For more information on MongoDB and SSL, see :doc:`/tutorial/configure-ssl`.
+  .. include:: /includes/fact-ssl-supported.rst
 optional: true
 ---
 program: mongo
@@ -250,8 +248,7 @@ description: |
      specify the {{role}} option, the {{program}} will prompt for a
      passphrase. See :ref:`ssl-certificate-password`.
 
-  The default distribution of MongoDB does not contain support for SSL.
-  For more information on MongoDB and SSL, see :doc:`/tutorial/configure-ssl`.
+  .. include:: /includes/fact-ssl-supported.rst
 optional: true
 ---
 program: mongo
@@ -265,8 +262,7 @@ description: |
   from the Certificate Authority. Specify the file name of the
   :file:`.pem` file using relative or absolute paths.
 
-  The default distribution of MongoDB does not contain support for SSL.
-  For more information on MongoDB and SSL, see :doc:`/tutorial/configure-ssl`.
+  .. include:: /includes/fact-ssl-supported.rst
 
   .. include:: /includes/warning-always-use-sslCAFile-for-mongo.rst
 optional: true
@@ -282,8 +278,7 @@ description: |
   List. Specify the file name of the :file:`.pem` file using relative or
   absolute paths.
 
-  The default distribution of MongoDB does not contain support for SSL.
-  For more information on MongoDB and SSL, see :doc:`/tutorial/configure-ssl`.
+  .. include:: /includes/fact-ssl-supported.rst
 optional: true
 ---
 program: mongo
@@ -306,8 +301,7 @@ description: |
   :setting:`~net.ssl.allowInvalidCertificates` setting, MongoDB logs as a
   warning the use of the invalid certificate.
 
-  The default distribution of MongoDB does not contain support for SSL.
-  For more information on MongoDB and SSL, see :doc:`/tutorial/configure-ssl`.
+  .. include:: /includes/fact-ssl-supported.rst
 optional: true
 ---
 program: mongo
@@ -331,6 +325,5 @@ inherit:
   program: _shared
   file: options-shared.yaml
 post: |
-  The default distribution of MongoDB does not contain support for SSL.
-  For more information on MongoDB and SSL, see :doc:`/tutorial/configure-ssl`.
+  .. include:: /includes/fact-ssl-supported.rst
 ...

source/includes/options-mongod.yaml

@@ -604,8 +604,7 @@ description: |
        - Recommended. Send the x.509 certificate for authentication and
          accept only x.509 certificates.
 
-  The default distribution of MongoDB does not contain support for SSL.
-  For more information on MongoDB and SSL, see :doc:`/tutorial/configure-ssl`.
+  .. include:: /includes/fact-ssl-supported.rst
 optional: true
 ---
 program: mongod
@@ -1135,48 +1134,47 @@ description: |
   :option:`--port`. By default, :option:`--sslOnNormalPorts` is
   disabled.
 
-  The default distribution of MongoDB does not contain support for SSL.
-  For more information on MongoDB and SSL, see :doc:`/tutorial/configure-ssl`.
+  .. include:: /includes/fact-ssl-supported.rst
 optional: true
 ---
 program: mongod
 name: sslMode
 args: <mode>
 directive: option
 description: |
-   .. versionadded:: 2.6
+  .. versionadded:: 2.6
 
-   Enables SSL or mixed SSL used for all network connections. The
-   argument to the {{role}} option can be one of the following:
+  Enables SSL or mixed SSL used for all network connections. The
+  argument to the {{role}} option can be one of the following:
 
-   .. list-table::
-      :header-rows: 1
-      :widths: 20 40
+  .. list-table::
+     :header-rows: 1
+     :widths: 20 40
 
-      * - Value
+     * - Value
+
+       - Description
 
-        - Description
+     * - ``disabled``
 
-      * - ``disabled``
+       - The server does not use SSL.
 
-        - The server does not use SSL.
+     * - ``allowSSL``
 
-      * - ``allowSSL``
+       - Connections between servers do not use SSL. For incoming
+         connections, the server accepts both SSL and non-SSL.
 
-        - Connections between servers do not use SSL. For incoming
-          connections, the server accepts both SSL and non-SSL.
+     * - ``preferSSL``
 
-      * - ``preferSSL``
+       - Connections between servers use SSL. For incoming
+         connections, the server accepts both SSL and non-SSL.
 
-        - Connections between servers use SSL. For incoming
-          connections, the server accepts both SSL and non-SSL.
+     * - ``requireSSL``
 
-      * - ``requireSSL``
+       - The server uses and accepts only SSL encrypted connections.
 
-        - The server uses and accepts only SSL encrypted connections.
+  .. include:: /includes/fact-ssl-supported.rst
 
-   The default distribution of MongoDB does not contain support for SSL.
-   For more information on MongoDB and SSL, see :doc:`/tutorial/configure-ssl`.
 optional: true
 ---
 program: mongod
@@ -1192,8 +1190,7 @@ description: |
 
   When SSL is enabled, you must specify {{role}}.
 
-  The default distribution of MongoDB does not contain support for SSL.
-  For more information on MongoDB and SSL, see :doc:`/tutorial/configure-ssl`.
+  .. include:: /includes/fact-ssl-supported.rst
 optional: true
 ---
 program: mongod
@@ -1213,8 +1210,7 @@ description: |
      specify the {{role}} option, the {{program}} will prompt for a
      passphrase. See :ref:`ssl-certificate-password`.
 
-  The default distribution of MongoDB does not contain support for SSL.
-  For more information on MongoDB and SSL, see :doc:`/tutorial/configure-ssl`.
+  .. include:: /includes/fact-ssl-supported.rst
 optional: true
 ---
 program: mongod
@@ -1232,9 +1228,7 @@ description: |
   authentication, the cluster uses the ``.pem`` file specified in the
   {{pemKeyOption}} option.
 
-  The default distribution of MongoDB does not contain support for
-  SSL.  For more information on MongoDB and SSL, see
-  :doc:`/tutorial/configure-ssl`.
+  .. include:: /includes/fact-ssl-supported.rst
 optional: true
 replacement:
   pemKeyOption: :option:`--sslPEMKeyFile`
@@ -1255,8 +1249,7 @@ description: |
   {{role}} option, the {{program}} will prompt for a passphrase. See
   :ref:`ssl-certificate-password`.
 
-  The default distribution of MongoDB does not contain support for SSL.
-  For more information on MongoDB and SSL, see :doc:`/tutorial/configure-ssl`.
+  .. include:: /includes/fact-ssl-supported.rst
 optional: true
 ---
 program: mongod
@@ -1270,8 +1263,7 @@ description: |
   from the Certificate Authority. Specify the file name of the
   :file:`.pem` file using relative or absolute paths.
 
-  The default distribution of MongoDB does not contain support for SSL.
-  For more information on MongoDB and SSL, see :doc:`/tutorial/configure-ssl`.
+  .. include:: /includes/fact-ssl-supported.rst
 
   .. include:: /includes/warning-x509-requires-sslCAfile.rst
 optional: true
@@ -1287,8 +1279,7 @@ description: |
   List. Specify the file name of the :file:`.pem` file using relative or
   absolute paths.
 
-  The default distribution of MongoDB does not contain support for SSL.
-  For more information on MongoDB and SSL, see :doc:`/tutorial/configure-ssl`.
+  .. include:: /includes/fact-ssl-supported.rst
 optional: true
 ---
 program: mongod
@@ -1303,8 +1294,7 @@ description: |
   the :setting:`~net.ssl.allowInvalidCertificates` setting, MongoDB
   logs as a warning the use of the invalid certificate.
 
-  The default distribution of MongoDB does not contain support for SSL.
-  For more information on MongoDB and SSL, see :doc:`/tutorial/configure-ssl`.
+  .. include:: /includes/fact-ssl-supported.rst
 optional: true
 ---
 program: mongod
@@ -1333,8 +1323,7 @@ description: |
   Use the {{role}} option if you have a mixed deployment that includes
   clients that do not or cannot present certificates to the {{program}}.
 
-  The default distribution of MongoDB does not contain support for SSL.
-  For more information on MongoDB and SSL, see :doc:`/tutorial/configure-ssl`.
+  .. include:: /includes/fact-ssl-supported.rst
 replacement:
   old_name: "``--sslAllowConnectionsWithoutCertificates``"
 optional: true
@@ -1352,8 +1341,7 @@ description: |
   {{program}} instances if the hostnames in their certificates do not
   match their configured hostname.
 
-  The default distribution of MongoDB does not contain support for SSL.
-  For more information on MongoDB and SSL, see :doc:`/tutorial/configure-ssl`.
+  .. include:: /includes/fact-ssl-supported.rst
 optional: true
 ---
 program: mongod

source/includes/options-shared.yaml

@@ -115,8 +115,7 @@ description: |
   Enables connection to a :program:`mongod` or :program:`mongos` that has
   SSL support enabled.
 
-  The default distribution of MongoDB does not contain support for SSL.
-  For more information on MongoDB and SSL, see :doc:`/tutorial/configure-ssl`.
+  .. include:: /includes/fact-ssl-supported.rst
 optional: true
 ---
 program: _shared
@@ -131,8 +130,7 @@ description: |
   from the Certificate Authority. Specify the file name of the
   :file:`.pem` file using relative or absolute paths.
 
-  The default distribution of MongoDB does not contain support for SSL.
-  For more information on MongoDB and SSL, see :doc:`/tutorial/configure-ssl`.
+  .. include:: /includes/fact-ssl-supported.rst
 
   .. include:: /includes/warning-always-use-sslCAFile-for-mongo.rst
 optional: true
@@ -154,8 +152,7 @@ description: |
   :setting:`~net.ssl.CAFile` enabled *without*
   :setting:`~net.ssl.allowConnectionsWithoutCertificates`.
 
-  The default distribution of MongoDB does not contain support for SSL.
-  For more information on MongoDB and SSL, see :doc:`/tutorial/configure-ssl`.
+  .. include:: /includes/fact-ssl-supported.rst
 optional: true
 ---
 program: _shared
@@ -175,8 +172,7 @@ description: |
   the {{role}} option, the {{program}} will prompt for a passphrase. See
   :ref:`ssl-certificate-password`.
 
-  The default distribution of MongoDB does not contain support for SSL.
-  For more information on MongoDB and SSL, see :doc:`/tutorial/configure-ssl`.
+  .. include:: /includes/fact-ssl-supported.rst
 optional: true
 ---
 program: _shared
@@ -191,8 +187,7 @@ description: |
   List. Specify the file name of the :file:`.pem` file using relative or
   absolute paths.
 
-  The default distribution of MongoDB does not contain support for SSL.
-  For more information on MongoDB and SSL, see :doc:`/tutorial/configure-ssl`.
+  .. include:: /includes/fact-ssl-supported.rst
 optional: true
 ---
 program: _shared
@@ -210,8 +205,7 @@ description: |
   :setting:`~net.ssl.allowInvalidCertificates` setting, MongoDB logs as a
   warning the use of the invalid certificate.
 
-  The default distribution of MongoDB does not contain support for SSL.
-  For more information on MongoDB and SSL, see :doc:`/tutorial/configure-ssl`.
+  .. include:: /includes/fact-ssl-supported.rst
 optional: true
 ---
 program: _shared
@@ -225,6 +219,8 @@ description: |
   Disables the validation of the hostnames in SSL certificates. Allows
   {{program}} to connect to MongoDB instances if the hostname their
   certificates do not match the specified hostname.
+
+  .. include:: /includes/fact-ssl-supported.rst
 optional: true
 ---
 program: _shared