问题
The question doesn't let me sleep, MongoDB SSL on localhost is it required?
I have NodeJS RestAPI, and mongoDB on the same machine on the VPS. For what purpose using SSL on localhost, if MongoDB is installed on the same machine as NodeJS?
回答1:
MongoDB SSL on localhost is it required?
No.
For what purpose using SSL on localhost
Mostly cargo cult programming I would say.
回答2:
Is it required?
Required by MongoDB, no. Although it might be required by a system administrator or security manager.
MongoDB doesn't support requiring SSL on one connection but not another, so if the mongod is also listening on a non-local IP address, it might be required for that reason.
As to the purpose, there might be several.
If you are connecting to local host and the final production deploy might be on separate servers, it may be simpler to use SSL from the start rather than trying to shoehorn it in later.
The loopback connector is not magically more secure than other interfaces. In the event of a breach, it can be monitored, recorded, or redirected like any other interface, so if you are dealing with certain types of sensitive information there may be industry guidelines or even government regulations that require that data stream to be encrypted.
Using SSL with proper certificates allows you to validate that the server you are talking to is the one you expect. If there is a breach that manages to redirect your localhost to a mongod at a different IP, your application would refuse to connect unless they had also managed to compromise the certificate and private key.
If you are just doing your own thing, there is really no reason to use SSL at all, unless you see it as providing some specific benefit.
来源:https://stackoverflow.com/questions/61963344/mongodb-ssl-on-localhost-is-it-required