Skip to content

Commit 3b8a31a

Browse files
kay-kimkay-kim
committed
DOCS-12092: spell out SAN and CN
1 parent 1741083 commit 3b8a31a

File tree

2 files changed

+11
-10
lines changed

2 files changed

+11
-10
lines changed

source/includes/options-mongod.yaml

Lines changed: 6 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -2128,11 +2128,12 @@ description: |
21282128
server. Requires :setting:`enableEncryption` to be true.
21292129
21302130
When connecting to the KMIP server, the :binary:`~bin.mongod`
2131-
verifies that the specified {{role}} matches the ``SAN`` (or, if
2132-
``SAN`` is not present, the ``CN``) in the certificate presented by
2133-
the KMIP server. If ``SAN`` is present, :binary:`~bin.mongod` does
2134-
not match against the ``CN``. If the hostname does not match the
2135-
``SAN`` (or ``CN``), the :binary:`~bin.mongod` will fail to connect.
2131+
verifies that the specified {{role}} matches the Subject Alternative
2132+
Name ``SAN`` (or, if ``SAN`` is not present, the Common Name ``CN``)
2133+
in the certificate presented by the KMIP server. If ``SAN`` is
2134+
present, :binary:`~bin.mongod` does not match against the ``CN``. If
2135+
the hostname does not match the ``SAN`` (or ``CN``), the
2136+
:binary:`~bin.mongod` will fail to connect.
21362137
21372138
.. include:: /includes/fact-enterprise-only-admonition.rst
21382139
---

source/tutorial/configure-encryption.txt

Lines changed: 5 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -98,11 +98,11 @@ for each database.
9898

9999
When connecting to the KMIP server, the :binary:`~bin.mongod` verifies
100100
that the specified :option:`--kmipServerName <mongod --kmipServerName>`
101-
matches the ``SAN`` (or, if ``SAN`` is not present, the ``CN``) in the
102-
certificate presented by the KMIP server. If ``SAN`` is present,
103-
:binary:`~bin.mongod` does not match against the ``CN``. If the
104-
hostname does not match the ``SAN`` (or ``CN``), the
105-
:binary:`~bin.mongod` will fail to connect.
101+
matches the Subject Alternative Name ``SAN`` (or, if ``SAN`` is not
102+
present, the Common Name ``CN``) in the certificate presented by the
103+
KMIP server. If ``SAN`` is present, :binary:`~bin.mongod` does not
104+
match against the ``CN``. If the hostname does not match the ``SAN``
105+
(or ``CN``), the :binary:`~bin.mongod` will fail to connect.
106106

107107
To verify that the key creation and usage was successful, check the log
108108
file. If successful, the process will log the following messages:

0 commit comments

Comments
 (0)