Turn default encryption to off #479
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
As a temporary workaround until security work is completed in js driver
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR makes the following changes in the driver configuration;
encryptedvalue is nowfalse, which means that it explicitly needs to be set totruefor the driver to communicate with a TLS enabled server.trustsetting is nowTRUST_SYSTEM_CA_SIGNED_CERTIFICATESwhich means that the certificates will be verified based on system provided trust store and it won't be possible to communicate with untrusted servers (using self-signed certificates, etc.) out of the box.TRUST_SYSTEM_CA_SIGNED_CERTIFICATESand it will fail startup if provided other two options - which areTRUST_CUSTOM_CA_SIGNED_CERTIFICATESandTRUST_ALL_CERTIFICATES.Based on #478.