You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@beam.apache.org by "Brian Hulette (Jira)" <ji...@apache.org> on 2021/04/21 23:15:00 UTC
[jira] [Commented] (BEAM-9564) Remove insecure ssl options from
MongoDBIO
[ https://issues.apache.org/jira/browse/BEAM-9564?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17327001#comment-17327001 ]
Brian Hulette commented on BEAM-9564:
-------------------------------------
Per review on https://github.com/apache/beam/pull/11186, this is blocked on BEAM-9571, which will provide an alternative for users that need options like this, e.g. for a self signed certificate.
> Remove insecure ssl options from MongoDBIO
> ------------------------------------------
>
> Key: BEAM-9564
> URL: https://issues.apache.org/jira/browse/BEAM-9564
> Project: Beam
> Issue Type: Improvement
> Components: io-java-mongodb
> Affects Versions: 2.21.0
> Reporter: Ismaël Mejía
> Priority: P1
> Labels: backward-incompatible
> Time Spent: 3h 10m
> Remaining Estimate: 0h
>
> The option MongoDBIO.withIgnoreSSLCertificate and withSSLInvalidHostNameAllowedslInvalidHostNameAllowed() are insecure by design. We should not encourage users to be able to use them so better to remove these options.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)