diff options
| author | Ted Tuckman <ted.tuckman@mongodb.com> | 2017-07-06 10:35:08 -0400 |
|---|---|---|
| committer | Ted Tuckman <ted.tuckman@mongodb.com> | 2017-07-10 16:14:15 -0400 |
| commit | 78fa7ae30d6b4d817750fbb7ff03c5bb0155a864 (patch) | |
| tree | 7070ba31e3d053e0c351a96a0675573638528f77 /src/mongo/util | |
| parent | 1adcee1aa67e6c767fd929d46834ab3b373cd1d6 (diff) | |
| download | mongo-78fa7ae30d6b4d817750fbb7ff03c5bb0155a864.tar.gz | |
SERVER-27592 open windows certificate store read only
Diffstat (limited to 'src/mongo/util')
| -rw-r--r-- | src/mongo/util/net/ssl_manager.cpp | 7 |
1 files changed, 5 insertions, 2 deletions
diff --git a/src/mongo/util/net/ssl_manager.cpp b/src/mongo/util/net/ssl_manager.cpp index 560e562c7ee..c5b911ca6b2 100644 --- a/src/mongo/util/net/ssl_manager.cpp +++ b/src/mongo/util/net/ssl_manager.cpp @@ -929,8 +929,11 @@ inline Status checkX509_STORE_error() { Status importCertStoreToX509_STORE(const wchar_t* storeName, DWORD storeLocation, X509_STORE* verifyStore) { - HCERTSTORE systemStore = CertOpenStore( - CERT_STORE_PROV_SYSTEM_W, 0, NULL, storeLocation, const_cast<LPWSTR>(storeName)); + HCERTSTORE systemStore = CertOpenStore(CERT_STORE_PROV_SYSTEM_W, + 0, + NULL, + storeLocation | CERT_STORE_READONLY_FLAG, + const_cast<LPWSTR>(storeName)); if (systemStore == NULL) { return {ErrorCodes::InvalidSSLConfiguration, str::stream() << "error opening system CA store: " << errnoWithDescription()}; |