MongoDB installer with SSL and without SSL

[Atul Sureka]

To install Mongo DB I can see two versions of installer one "with SSL" & other as "without SSL".

https://www.mongodb.com/download-center?jmp=nav#community

My question is if I download "with SSL"  installer & do not configure SSL then doesn't it same as without SSL installer. What is the need of "without SSL" installer at first place? Is there anything specific feature which comes in "Without SSL" installer?

I use Monggo DB in my application but not sure which one I should recommend to my customers as I have mix set of customers who want with/without SSL.

Atul

[Stephen Steneker]

Hi Atul,

The feature difference between these two types of distributions is currently only the inclusion of TLS/SSL support in the MongoDB server and tools. Prior to MongoDB 3.0, distributions of the MongoDB community server did not include SSL support so "without SSL" was the old default. Most current distributions of MongoDB now include support for SSL unless otherwise noted on the download page.

For some O/S distributions (for example, Linux) the SSL libraries are dynamically linked and may require an extra step to install if they aren't already present. This approach allows system administrators to update SSL libraries (particularly for time-critical security fixes) without waiting for an updated MongoDB distribution.

SSL requires configuration to enable, so if your users do not use SSL this feature can always be enabled at a later date. However, if your users download a non-SSL distribution and want to use SSL for the MongoDB server or command-line tools they will have to download and install a new distribution of MongoDB.

For simplicity I think it makes sense to recommend all your users install a MongoDB server distribution with TLS/SSL support so they have the option of using TLS/SSL if needed. In most cases this should be the default distribution for the selected O/S in the MongoDB Download Center. Fewer install variations should also make it easier for you to support your users.

TLS/SSL is generally recommended to secure network communication for production deployments and may be required by some hosted services (for example, MongoDB Atlas). See the MongoDB Security Checklist for further recommendations to help your users secure their deployments.

Regards,

Stennie