Docs HomeMongoDB Manual

TLS/SSL (Transport Encryption)TLS/SSL(传输加密)

On this page本页内容

TLS/SSL

MongoDB supports TLS/SSL (Transport Layer Security/Secure Sockets Layer) to encrypt all of MongoDB's network traffic. TLS/SSL ensures that MongoDB network traffic is only readable by the intended client.MongoDB支持TLS/SSL(传输层安全/安全套接字层)来加密MongoDB的所有网络流量。TLS/SSL确保MongoDB网络流量只能由预期的客户端读取。

Starting in MongoDB 7.0 and 6.0.7, MongoDB supports OpenSSL 3.0 and the OpenSSL FIPS provider with these operating systems:从MongoDB 7.0和6.0.7开始,MongoDB支持以下操作系统的OpenSSL 3.0和OpenSSL FIPS提供程序:

  • Red Hat Enterprise Linux 9
  • Amazon Linux 2023
  • Ubuntu Linux 22.04

TLS Versions

MongoDB disables support for TLS 1.0 encryption on systems where TLS 1.1+ is available. For more details, see Disable TLS 1.0.MongoDB在TLS 1.1+可用的系统上禁用对TLS 1.0加密的支持。有关更多详细信息,请参阅禁用TLS 1.0

TLS LibrariesTLS库

MongoDB uses the native TLS/SSL OS libraries:MongoDB使用本机TLS/SSL操作系统库:

Platform平台TLS/SSL Library
WindowsSecure Channel (Schannel)安全通道(Schannel)
Linux/BSDOpenSSL
macOSSecure Transport安全传输

TLS/SSL CiphersTLS/SSL密码

MongoDB's TLS/SSL encryption only allows use of strong TLS/SSL ciphers with a minimum of 128-bit key length for all connections.MongoDB的TLS/SSL加密只允许对所有连接使用最小128位键长度的强TLS/SSL密码。

Forward Secrecy正向安全

Forward Secrecy cipher suites create an ephemeral session key that is protected by the server's private key but is never transmitted. 前向保密密码套件创建一个受服务器私钥保护但从不传输的短暂会话键。The use of an ephemeral key ensures that even if a server's private key is compromised, you cannot decrypt past sessions with the compromised key.使用临时键可以确保即使服务器的私钥被泄露,也无法使用泄露的键解密过去的会话。

MongoDB supports Forward Secrecy cipher suites that use Ephemeral Diffie-Hellman (DHE) and Ephemeral Elliptic Curve Diffie-Hellman (ECDHE) algorithms.MongoDB支持使用Ephemeral-Diffie-Hellman(DHE)和Ephemeral Elliptic Curve Diffie-Hellmann(ECDHE)算法的前向保密密码套件。

Ephemeral Elliptic Curve Diffie-Hellman (ECDHE)Ephemeral椭圆曲线Diffie-Hellman(ECDHE)

PlatformLevel of Support支持级别
LinuxStarting in version 4.2从4.2版开始
  • If the Linux platform's OpenSSL supports automatic curve selection, MongoDB enables support for Ephemeral Elliptic Curve Diffie-Hellman (ECDHE).如果Linux平台的OpenSSL支持自动曲线选择,MongoDB将支持Ephemeral Elliptic curve Diffie-Hellman(ECDHE)。
  • Else if the Linux platform's OpenSSL does not support automatic curve selection, MongoDB attempts to enable ECDHE support using prime256v1 as the named curve .否则,如果Linux平台的OpenSSL不支持自动曲线选择,MongoDB会尝试使用prime256v1作为命名曲线来启用ECDHE支持。
Starting in 3.6.14 and 4.0.3从3.6.14和4.0.3开始
  • MongoDB enables support for Ephemeral Elliptic Curve Diffie-Hellman (ECDHE) if, during compile time, the Linux platform's OpenSSL supports automatic curve selection.如果在编译期间,Linux平台的OpenSSL支持自动曲线选择,MongoDB将支持Ephemeral Elliptic Curve Diffie-Hellman(ECDHE)。
Note
If support for ECDHE is enabled, MongoDB 4.2+ attempts to enable support for Ephemeral Diffie-Hellman (DHE) if Ephemeral Diffie-Hellman (DHE) is not explicitly enabled. See Ephemeral Diffie-Hellman (DHE) for details. 如果启用了对ECDHE的支持,MongoDB 4.2+会尝试在未显式启用Ephemeral Diffie-Hellman(DHE)的情况下启用对Ephemeral-Diffie-Hellman(DHE)的支持。有关详细信息,请参阅Ephemeral Diffie-Hellman(DHE)
WindowsStarting in version 4.0, Ephemeral Elliptic Curve Diffie-Hellman (ECDHE) is implicitly supported through the use of Secure Channel (Schannel), the native Windows TLS/SSL library.从4.0版本开始,通过使用本地Windows TLS/SSL库Secure Channel(Schannel),隐式支持Ephemeral Elliptic Curve Diffie-Hellman(ECDHE)。
macOSStarting in version 4.0, Ephemeral Elliptic Curve Diffie-Hellman (ECDHE) is implicitly supported through the use of Secure Transport, the native macOS TLS/SSL library.从4.0版本开始,通过使用本地macOS TLS/SSL库Secure Transport,隐式支持Ephemeral Elliptic Curve Diffie-Hellman(ECDHE)。

ECDHE cipher suites are slower than static RSA cipher suites. For better performance with ECDHE, you can use certificates that use Elliptic Curve Digital Signature Algorithm (ECDSA). ECDHE密码套件比静态RSA密码套件慢。为了获得更好的ECDHE性能,您可以使用使用椭圆曲线数字签名算法(ECDSA)的证书。See also Forward Secrecy Performance for more information另请参阅正向保密性能以了解更多信息

Ephemeral Diffie-Hellman (DHE)

PlatformLevel of Support
LinuxStarting in version 4.2: MongoDB enables support for Ephemeral Diffie-Hellman (DHE): :MongoDB支持Ephemeral Diffie-Hellman(DHE): For versions 3.6 and 4.0, MongoDB enables support for Ephemeral Diffie-Hellman (DHE):对于3.6和4.0版本,MongoDB支持EphemeralDiffie-Hellman(DHE):
WindowsStarting in version 4.0, Ephemeral Diffie-Hellman (DHE) is implicitly supported through the use of Secure Channel (Schannel), the native Windows TLS/SSL library.从4.0版本开始,Ephemeral Diffie-Hellman(DHE)通过使用本地Windows TLS/SSL库Secure Channel(Schannel)得到了隐式支持。
macOSStarting in version 4.0, Ephemeral Diffie-Hellman (DHE) is implicitly supported through the use of Secure Transport, the native macOS TLS/SSL library.从4.0版本开始,Ephemeral Diffie-Hellman(DHE)通过使用本地macOS TLS/SSL库Secure Transport得到了隐式支持。
Note

If clients negotiate a cipher suite with DHE but cannot accept the server selected parameter, the TLS connection fails.如果客户端与DHE协商密码套件,但无法接受服务器选择的参数,则TLS连接将失败。

Strong parameters (i.e. size is greater than 1024) are not supported with Java 6 and 7 unless extended support has been purchased from Oracle. However, Java 7 supports and prefers ECDHE, so will negotiate ECDHE if available.Java 6和7不支持强参数(即大小大于1024),除非从Oracle购买了扩展支持。然而,Java7支持并且更喜欢ECDHE,因此如果可用,将协商ECDHE。

DHE (and ECDHE) cipher suites are slower performance than static RSA cipher suites, with DHE being significantly slower than ECDHE. See Forward Secrecy Performance for more information.DHE(和ECDHE)密码套件的性能比静态RSA密码套件慢,其中DHE明显比ECDHE慢。有关详细信息,请参阅正向保密性能

Forward Secrecy Performance前向保密性能

DHE and ECDHE cipher suites are slower than static RSA cipher suites, with DHE being significantly slower than ECDHE.DHE和ECDHE密码套件比静态RSA密码套件慢,其中DHE明显比ECDHE慢。

For better performance with ECDHE, you can use certificates that use Elliptic Curve Digital Signature Algorithm (ECDSA). Alternatively, you can disable ECDHE cipher suites with the opensslCipherConfig parameter as in the following example (which also disables DHE)为了获得更好的ECDHE性能,您可以使用使用椭圆曲线数字签名算法(ECDSA)的证书。或者,您可以使用opensslCipherConfig参数禁用ECDHE密码套件,如下例所示(也禁用DHE)

mongod --setParameter opensslCipherConfig='HIGH:!EXPORT:!aNULL:!kECDHE:!ECDHE:!DHE:!kDHE@STRENGTH'

If you need to disable support for DHE cipher suites due to performance, you can use the opensslCipherConfig parameter, as in the following example:如果由于性能原因需要禁用对DHE密码套件的支持,可以使用opensslCipherConfig参数,如下例所示:

mongod --setParameter opensslCipherConfig='HIGH:!EXPORT:!aNULL:!DHE:!kDHE@STRENGTH'

Certificates证书

To use TLS/SSL with MongoDB , you must have the TLS/SSL certificates as PEM files, which are concatenated certificate containers.要在MongoDB中使用TLS/SSL,必须将TLS/SSL证书作为PEM文件,PEM文件是连接的证书容器。

MongoDB can use any valid TLS/SSL certificate issued by a certificate authority or a self-signed certificate. MongoDB可以使用证书颁发机构颁发的任何有效TLS/SSL证书或自签名证书。For production use, your MongoDB deployment should use valid certificates generated and signed by the same certificate authority. 对于生产使用,您的MongoDB部署应该使用由同一证书颁发机构生成和签名的有效证书。You can generate and maintain an independent certificate authority, or use certificates generated by a third-party TLS/SSL vendor.您可以生成和维护独立的证书颁发机构,也可以使用由第三方TLS/SSL供应商生成的证书。

Using a certificate signed by a trusted certificate authority allows MongoDB drivers to verify the server's identity.使用由可信证书颁发机构签署的证书,MongoDB驱动程序可以验证服务器的身份。

For example, see TLS/SSL Configuration for Clients.例如,请参阅客户端的TLS/SSL配置

Certificate Expiry Warning证书过期警告

Changed in version 4.4.4.4版更改。mongod / mongos logs a warning on connection if the presented x.509 certificate expires within 30 days of the mongod/mongos host system time. See x.509 Certificates Nearing Expiry Trigger Warnings for more information.如果提供的x.509证书在mongod/mongos主机系统时间后30天内过期,mongod/mongos会在连接时记录警告。有关详细信息,请参阅x.509证书接近到期触发警告

OCSP (Online Certificate Status Protocol)OCSP(联机证书状态协议)

Starting in version 4.4, to check for certificate revocation, MongoDB enables the use of OCSP (Online Certificate Status Protocol) by default. 从4.4版本开始,为了检查证书吊销,MongoDB默认启用OCSP(在线证书状态协议)。The use of OCSP eliminates the need to periodically download a Certificate Revocation List (CRL) and restart the mongod / mongos with the updated CRL.OCSP的使用消除了定期下载证书吊销列表(CRL)并使用更新的CRL重新启动mongod/mongos的需要。

In versions 4.0 and 4.2, the use of OCSP is available only through the use of system certificate store on Windows or macOS.在4.0和4.2版本中,OCSP的使用只能通过在Windows或macOS上使用系统证书存储来实现。

As part of its OCSP support, MongoDB 4.4+ supports the following on Linux:作为OCSP支持的一部分,MongoDB 4.4+在Linux上支持以下内容:

  • OCSP stapling. With OCSP stapling, mongod and mongos instances attach or "staple" the OCSP status response to their certificates when providing these certificates to clients during the TLS/SSL handshake. 使用OCSP绑定,mongodmongos实例在TLS/SSL握手期间向客户端提供OCSP证书时,会将OCSP状态响应附加或“绑定”到其证书。By including the OCSP status response with the certificates, OCSP stapling obviates the need for clients to make a separate request to retrieve the OCSP status of the provided certificates.通过将OCSP状态响应包括在证书中,OCSP装订消除了客户端单独请求检索所提供证书的OCSP状态的需要。
  • OCSP must-staple extension. OCSP must-staple is an extension that can be added to the server certificate that tells the client to expect an OCSP staple when it receives a certificate during the TLS/SSL handshake.OCSP must-staple是一个可以添加到服务器证书的扩展,它告诉客户端在TLS/SSL握手期间收到证书时需要OCSP装订。

MongoDB also provides the following OCSP-related parameters:MongoDB还提供了以下OCSP相关参数:

Parameter参数Description描述
ocspEnabledEnables or disables the OCSP support.启用或禁用OCSP支持。
ocspValidationRefreshPeriodSecsSpecifies the number of seconds to wait before refreshing the stapled OCSP status response.指定刷新装订的OCSP状态响应之前等待的秒数。
tlsOCSPStaplingTimeoutSecsSpecifies the maximum number of seconds the mongod / mongos instance should wait to receive the OCSP status response for its certificates.指定mongod/mongos实例在接收其证书的OCSP状态响应时应等待的最长秒数。
tlsOCSPVerifyTimeoutSecsSpecifies the maximum number of seconds that the mongod / mongos should wait for the OCSP response when verifying client certificates.指定mongod/mongos在验证客户端证书时等待OCSP响应的最大秒数。

You can set these parameters at startup using the setParameter configuration file setting or the --setParameter command line option.您可以在启动时使用setParameter配置文件设置或--setParameter命令行选项设置这些参数。

Note

Starting in MongoDB 5.0, the rotateCertificates command and db.rotateCertificates() method will also refresh any stapled OCSP responses.从MongoDB 5.0开始,rotateCertificates命令和db.rotateCertificates()方法也会刷新任何装订好的OCSP响应。

Identity Verification身份验证

In addition to encrypting connections, TLS/SSL allows for authentication using certificates, both for client authentication and for internal authentication of members of replica sets and sharded clusters.除了加密连接之外,TLS/SSL还允许使用证书进行身份验证,既用于客户端身份验证,也用于副本集和分片集群成员的内部身份验证

For more information, see:有关详细信息,请参阅:

FIPS Mode

Note

Enterprise Feature企业功能

Available in MongoDB Enterprise only.仅在MongoDB Enterprise中可用。

The Federal Information Processing Standard (FIPS) is a U.S. government computer security standard used to certify software modules and libraries that encrypt and decrypt data securely. 联邦信息处理标准(FIPS)是美国政府的计算机安全标准,用于认证加密和解密数据的软件模块和库。You can configure MongoDB to run with a FIPS 140-2 certified library for OpenSSL. Configure FIPS to run by default or as needed from the command line.您可以将MongoDB配置为使用经过FIPS 140-2认证的OpenSSL库运行。将FIPS配置为默认运行或根据需要从命令行运行。

For an example, see Configure MongoDB for FIPS.有关示例,请参阅为FIPS配置MongoDB