ghost
commented
10 years ago To support SSL (in)security a mongodb server must be built with the --ssl option: see the green note at the top of this page: http://docs.mongodb.org/manual/tutorial/configure-ssl/. Last but not least it also requires SSL certificate and keys but the link above is explaining all this quite well.
From this reading SSL support is hardly a mongodb driver issue...
This being said mongodb C++ driver has also SSL support (when built with --ssl option) but I doubt you could fully handle SSL from driver side alone: I would assume you'll need SSL on both ends.
Now imagine your xojo application encrypts client side data before it sends it (decrypting it when it get it back from server) - your data being stored encrypted in mongodb: SSL won't be required and your heart won't bleed when you'll have to discontinue database services to rebuild mongodb server and drivers for every OpenSSL security updates to come...
funkytaco
alwyn1024
I started to implement this and although the function is limited, it still works great, but do not see a way to use HTTPS. Right now, I'd be worried about a client sniffing the HTTP data for credentials. Normally the client is a web browser, so I guess that's why SSL security isn't usually a big issue with Mongo normally.