LDAP config password encryption and ldapS support

The documentation simply says “you would / should not use clear text passwords in config files in production” - but it does not say how we should store these passwords in production.

Another question I have, all your docs only mention ldap, which is cleartext protocol.

How can we configure the ldaps, over a secure channel?

Hi, there are different ways to avoid storing clear text passwords. For example use one of the many vault products that are available.

Regarding the ldap question I suggest you have a look at the transportSecurity option in the ldap configuration of mongod.conf. There are tutorials available in mongodb blogs.