Enabling TLS / SSL within a Replica Set

Hi, a question about enabling TLS. In M310-Chapter 1 Lesson “Enabling Internal X.509 Authentication” Problem, is established that “–clusterAuthMode x509 is passed to mongod to specify that X.509 certificates will be used for internal cluster authentication”. However in M310-Chapter 2 Lesson “Enabling TLS / SSL within a Replica Set”, when the mongod commands are issued the parameter --clusterAuthMode x509 is not set. I am a little confused. Could you clarify this question?
Thanks in advance.

Hi @Rene_43295,

To enable x.509 authentication, it is required to have a secure TLS/SSL connection.

In order to enable Internal x.509 Authentication, in addition to any TLS/SSL configurations as appropriate for your deployment, include the following to specify x.509 for internal authentication for each member of your replica set or sharded cluster:

To enable TLS/SSL, it is not required to set clusterAuthMode to x.509.

I hope it answers your question.

Please feel free to reach out if you have any additional questions.

Kind Regards,
Sonali

Thanks a lot! Your answer makes it clear. Maybe I didn’t understand the “Enabling TLS / SSL within a Replica Set” statement from M310 - Chapter 2.