Ability to invalidate or revoke a X.509 certificate that was not expired.

Currently, X.509 certificates can be issued for authentication and authorization. However, it is not possible to invalidate an already issued certificate. In a situation where the certificate would be compromised, it is therefore not possible to invalidate it and re-issue a new one. The only way is to delete the user associated with the certificate and create a new user account (New CN).

1 vote

Geoffrey shared this idea · Dec 4, 2020 · Flag idea as inappropriate… · Admin →

1 comment

An error occurred while saving the comment

AdminSalman (Admin, MongoDB) commented · December 7, 2020 9:56 AM · Flag as inappropriate

Hi Geoffrey,

Thank you for sharing the suggestion. Could you share here or in an email (product.security@mongodb.com) the scenario under which deleting a user is not feasible when a certificate is compromised?

Salman

Submitting...

Atlas: IAM

Give feedback

How can we improve the platform?

Ability to invalidate or revoke a X.509 certificate that was not expired.

1 comment

Feedback

Atlas: IAM

Feedback and Knowledge Base

Searching…

Give feedback

Your password has been reset

Ability to invalidate or revoke a X.509 certificate that was not expired.

We're glad you're here

1 comment

We're glad you're here

We're glad you're here

We're glad you're here

Atlas: IAM

Categories

Searching…

Give feedback

Your password has been reset