Jack_Woehr
(Jack Woehr)
1
Community edition 7.0 on Ubuntu 24.04
I created a CA cert and installed it (update-ca-certificates etc.)
I created the server cert.
I configured mongodb.conf (excerpt):
tls:
  mode: requireTLS
  certificateKeyFile: /the/path/to/pem
  allowInvalidCertificates: true
  # to use our snake oil CA + cert
setParameter:
  tlsUseSystemCA: true
After all this was done, mongodb successfully started and is running.
However, I have not found an invocation that will successfully connect to MongoDB from mongosh or Compass.
mongosh 'mongodb://admin:********@myserver?tls=true&tlsCAFile=%2fsome%2fpath%2fto%2fcert'
and every combination I can think of results in “No SSL certificate provided by peer; connection rejected”
How do I make a connection?
In lieu of crickets, I have opened an issue https://jira.mongodb.org/browse/SERVER-95536
Is relevant only for outgoing connections in a shared cluster or replica set.
You don’t provide any client certificate. Either create an x.509 client certificate and add it to your connection string as tlsCertificateKeyFile=/the/path/to/client-pem or add the parameter
net:
  tls:
    allowConnectionsWithoutCertificates: true
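The rule from the reply above, as an added example (not part of the thread and not MongoDB's own code): a small Python check that compares the `net.tls` section of mongod.conf with a client connection string and reports why the server would refuse the connection. The function names, the finding codes and the dict form of the config are assumptions made for illustration; the sample inputs are constructed from the first post.

```python
from urllib.parse import urlsplit, parse_qs

def _on(value):
    """True for YAML booleans and for URI strings such as 'true'."""
    return str(value).strip().lower() == "true"

def uri_options(uri):
    """Decode the query options of a MongoDB URI (option names are case-insensitive)."""
    query = parse_qs(urlsplit(uri).query, keep_blank_values=True)
    return {name.lower(): values[-1] for name, values in query.items()}

def diagnose(server_tls, uri):
    """Return (code, message) findings for a net.tls dict and a client URI."""
    opts = uri_options(uri)
    mode = server_tls.get("mode", "disabled")
    client_tls = _on(opts.get("tls", opts.get("ssl", "false")))
    findings = []
    if mode == "requireTLS" and not client_tls:
        findings.append(("CLIENT_TLS_OFF", "server requires TLS; add tls=true"))
    cert_optional = _on(server_tls.get("allowConnectionsWithoutCertificates", False))
    if mode != "disabled" and not cert_optional and "tlscertificatekeyfile" not in opts:
        findings.append(("NO_CLIENT_CERT",
                         "server expects a client certificate; add tlsCertificateKeyFile "
                         "or set allowConnectionsWithoutCertificates on the server"))
    if _on(server_tls.get("allowInvalidCertificates", False)):
        findings.append(("SERVER_ALLOW_INVALID",
                         "allowInvalidCertificates relaxes validation; it does not make "
                         "the client certificate optional"))
    if _on(opts.get("tlsallowinvalidcertificates", "false")) or _on(opts.get("tlsinsecure", "false")):
        findings.append(("CLIENT_VALIDATION_OFF", "client skips server certificate validation"))
    return findings

# Constructed inputs mirroring the first post (password masked as on the page).
POSTED_TLS = {
    "mode": "requireTLS",
    "certificateKeyFile": "/the/path/to/pem",
    "allowInvalidCertificates": True,
}
POSTED_URI = "mongodb://admin:********@myserver?tls=true&tlsCAFile=%2fsome%2fpath%2fto%2fcert"

if __name__ == "__main__":
    for code, message in diagnose(POSTED_TLS, POSTED_URI):
        print(f"{code}: {message}")
```

Run against the posted settings, it reports the missing client certificate and the `allowInvalidCertificates` setting; either fix suggested in the reply clears the first finding.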
Jack_Woehr
(Jack Woehr)
4
Solved this and wrote an article about this, soon to be published!