Using SSL and Kerberos authentication with MongoDB
To secure your authentication parameters, store the entire Security Config string in a vault (see use Using vaults). For example, assuming your Kerberos realm is MYREALM.COM, its KDC is kerberos.realm.com, the path to the SSL trust store is /cacerts, the path to the SSL keystore file is /client.pkcs12, and the passwords for both stores is MyPassword, the Striim console commands to store the Security Config string with the key SSLKerberos in a vault named MongoDBVault would be:
CREATE VAULT MongoDBVault;
WRITE INTO MongoDBVault (
vaultKey: "SSLKerberos",
vaultValue: "RealmName:MYREALM.COM;
KDC:kerberos.myrealm.com;
KeyStore:/keystore.pkcs12;
TrustStore:/cacerts;
trustStorePassword:MyPassword;
KeyStorePassword:MyPassword"
)Enter READ ALL FROM MongoDBVault; to verify the contents.
You would then specify the Security Config as [[MongoDBVault.SSLKerberos]].