SSL Has Been Enabled
Rule Details
|
Parameter |
Description |
|---|---|
|
Rule Name |
dds-instance-enable-ssl |
|
Identifier |
SSL Has Been Enabled |
|
Description |
If SSL is not enabled for a DDS instance, this instance is non-compliant. |
|
Tag |
dds |
|
Trigger Type |
Configuration change |
|
Filter Type |
dds.instances |
|
Rule Parameters |
None |
Application Scenarios
Without the use of Secure Sockets Layer (SSL), data transmitted between a Mongo client and server is vulnerable to eavesdropping, tampering, and man-in-the-middle attacks. To improve data transmission security, enable SSL tp encrypt communication. For details, see Security Best Practices.
Solution
Refer to Enabling or Disabling SSL to set SSL configurations. When you enable or disable SSL, DDS will restart once. During the restart, each node will be intermittently disconnected for about 30 seconds. Enable or disable SSL during off-peak hours and ensure that your applications support automatic reconnection.
Rule Logic
- If SSL is disabled for a DDS DB instance, this instance is non-compliant.
- If SSL is enabled for a DDS DB instance, this instance is compliant.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot
