Skip to content

Commit e50d638

Browse files
kay-kimkay-kim
committed
DOCS-12092: spell out SAN and CN
1 parent 944710f commit e50d638

File tree

2 files changed

+11
-10
lines changed

2 files changed

+11
-10
lines changed

source/includes/options-mongod.yaml

Lines changed: 6 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -2563,11 +2563,12 @@ description: |
25632563
server. Requires :setting:`enableEncryption` to be true.
25642564
25652565
When connecting to the KMIP server, the :binary:`~bin.mongod`
2566-
verifies that the specified {{role}} matches the ``SAN`` (or, if
2567-
``SAN`` is not present, the ``CN``) in the certificate presented by
2568-
the KMIP server. If ``SAN`` is present, :binary:`~bin.mongod` does
2569-
not match against the ``CN``. If the hostname does not match the
2570-
``SAN`` (or ``CN``), the :binary:`~bin.mongod` will fail to connect.
2566+
verifies that the specified {{role}} matches the Subject Alternative
2567+
Name ``SAN`` (or, if ``SAN`` is not present, the Common Name ``CN``)
2568+
in the certificate presented by the KMIP server. If ``SAN`` is
2569+
present, :binary:`~bin.mongod` does not match against the ``CN``. If
2570+
the hostname does not match the ``SAN`` (or ``CN``), the
2571+
:binary:`~bin.mongod` will fail to connect.
25712572
25722573
.. include:: /includes/fact-enterprise-only-admonition.rst
25732574
---

source/tutorial/configure-encryption.txt

Lines changed: 5 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -98,11 +98,11 @@ for each database.
9898

9999
When connecting to the KMIP server, the :binary:`~bin.mongod` verifies
100100
that the specified :option:`--kmipServerName <mongod --kmipServerName>`
101-
matches the ``SAN`` (or, if ``SAN`` is not present, the ``CN``) in the
102-
certificate presented by the KMIP server. If ``SAN`` is present,
103-
:binary:`~bin.mongod` does not match against the ``CN``. If the
104-
hostname does not match the ``SAN`` (or ``CN``), the
105-
:binary:`~bin.mongod` will fail to connect.
101+
matches the Subject Alternative Name ``SAN`` (or, if ``SAN`` is not
102+
present, the Common Name ``CN``) in the certificate presented by the
103+
KMIP server. If ``SAN`` is present, :binary:`~bin.mongod` does not
104+
match against the ``CN``. If the hostname does not match the ``SAN``
105+
(or ``CN``), the :binary:`~bin.mongod` will fail to connect.
106106

107107
To verify that the key creation and usage was successful, check the log
108108
file. If successful, the process will log the following messages:

0 commit comments

Comments
 (0)