DOCS-11363: clarify TLS

Author: kay-kim

source/administration/production-notes.txt

@@ -637,8 +637,8 @@ the MongoDB log:
 
 .. code-block:: none
 
-   <path to SSL libs>/libssl.so.<version>: no version information available (required by /usr/bin/mongod)
-   <path to SSL libs>/libcrypto.so.<version>: no version information available (required by /usr/bin/mongod)
+   <path to TLS/SSL libs>/libssl.so.<version>: no version information available (required by /usr/bin/mongod)
+   <path to TLS/SSL libs>/libcrypto.so.<version>: no version information available (required by /usr/bin/mongod)
 
 These warnings indicate that the system's TLS/SSL libraries are different
 from the TLS/SSL libraries that the :binary:`~bin.mongod` was compiled against.

source/core/security-transport-encryption.txt

@@ -19,17 +19,17 @@ MongoDB supports TLS/SSL (Transport Layer Security/Secure Sockets Layer)
 to encrypt all of MongoDB's network traffic. TLS/SSL ensures that MongoDB
 network traffic is only readable by the intended client.
 
-MongoDB TLS/SSL implementation uses OpenSSL libraries. MongoDB's SSL
-encryption only allows use of strong SSL ciphers with a minimum of
+MongoDB TLS/SSL implementation uses OpenSSL libraries. MongoDB's TLS/SSL
+encryption only allows use of strong TLS/SSL ciphers with a minimum of
 128-bit key length for all connections.
 
 Certificates
 ------------
 
-Before you can use SSL, you must have a :file:`.pem` file containing a
+Before you can use TLS/SSL, you must have a :file:`.pem` file containing a
 public key certificate and its associated private key.
 
-MongoDB can use any valid SSL certificate issued by a certificate
+MongoDB can use any valid TLS/SSL certificate issued by a certificate
 authority or a self-signed certificate. If you use a self-signed
 certificate, although the communications channel will be encrypted,
 there will be *no* validation of server identity. Although such a
@@ -43,7 +43,7 @@ For example, see :doc:`/tutorial/configure-ssl-clients`.
 Identity Verification
 ---------------------
 
-In addition to encrypting connections, SSL allows for authentication
+In addition to encrypting connections, TLS/SSL allows for authentication
 using certificates, both for :doc:`client authentication
 </core/authentication>` and for :doc:`internal authentication
 </core/security-internal-authentication>` of members of replica sets and

source/includes/extracts-mongo-ssl-options-base.yaml

@@ -19,7 +19,7 @@ content: |
 
    .. warning::
 
-      For SSL connections (``--ssl``) to :binary:`~bin.mongod` and
+      For TLS/SSL connections (``--ssl``) to :binary:`~bin.mongod` and
       :binary:`~bin.mongos`, if the {{program}} runs with the
       ``--sslAllowInvalidCertificates`` option , the {{program}} will
       not attempt to validate the server certificates. This creates a

source/includes/extracts-mongo-ssl-options.yaml

@@ -14,7 +14,7 @@ replacement:
   program: ":binary:`~bin.mongo`"
   instance: ":binary:`~bin.mongod` or :binary:`~bin.mongos`"
 post: |
-  If your MongoDB deployment uses SSL, you must also specify the ``--host`` option.
+  If your MongoDB deployment uses TLS/SSL, you must also specify the ``--host`` option.
   {{program}} verifies that the
   hostname of the {{instance}} to which you are connecting matches
   the CN or SAN of the {{instance}}'s ``--sslPEMKeyFile`` certificate.

source/includes/extracts-x509-certificate.yaml

@@ -95,7 +95,7 @@ content: |
 ref: x509-member-auth-configuration
 content: |
    To specify x.509 for internal authentication, in addition to the other
-   SSL configurations appropriate for your deployment, for each member of
+   TLS/SSL configurations appropriate for your deployment, for each member of
    the replica set or sharded cluster, include either:
 
    - :setting:`security.clusterAuthMode` and :setting:`net.ssl.clusterFile`

source/includes/fact-ssl-certificate-authorities.rst

@@ -1,6 +1,6 @@
 For production use, your MongoDB deployment should use valid certificates
 generated and signed by a single certificate authority. You or your
 organization can generate and maintain an independent certificate
-authority, or use certificates generated by a third-party SSL
+authority, or use certificates generated by a third-party TLS/SSL
 vendor. Obtaining and managing certificates is beyond the scope of
 this documentation.

source/includes/note-fips-is-enterprise-only.rst

@@ -1,4 +1,4 @@
-.. note:: FIPS-compatible SSL is
+.. note:: FIPS-compatible TLS/SSL is
    available only in `MongoDB Enterprise
    <http://www.mongodb.com/products/mongodb-enterprise?jmp=docs>`_. See
    :doc:`/tutorial/configure-fips` for more information.

source/includes/note-tls-ssl-terminology.rst

@@ -1,4 +1,3 @@
 .. note::
 
-   Although TLS is the successor to SSL, this page uses the more
-   familiar term SSL to refer to TLS/SSL.
+   TLS is the successor to SSL.

source/includes/options-mongo.yaml

@@ -79,8 +79,8 @@ description: |
   options. The  ``authSource`` and ``replicaSet`` options, if included in
   the connection string, will override any corresponding DNS-configured options 
   set in the TXT record. Use of the ``mongodb+srv:`` connection string implicitly
-  enables SSL (normally set with ``ssl=true``) for the client connection. The
-  SSL option can be turned off by setting ``ssl=false`` in the query string.
+  enables TLS/SSL (normally set with ``ssl=true``) for the client connection. The
+  TLS/SSL option can be turned off by setting ``ssl=false`` in the query string.
   
   Example:
   

source/includes/options-mongod.yaml

@@ -1416,7 +1416,7 @@ directive: option
 description: |
   .. versionadded:: 3.0.7
 
-  Prevents a MongoDB server running with SSL from accepting incoming
+  Prevents a MongoDB server running with TLS/SSL from accepting incoming
   connections that use a specific protocol or protocols. {{role}}
   recognizes the following protocols: ``TLS1_0``, ``TLS1_1``, and
   ``TLS1_2``. Specifying an unrecognized protocol will prevent the