Hi,
I’ve recently been working to turn on TLS for all communication to/from MongoDB. So far, I’ve been able to connect with Compass and mongosh from outside of Docker Desktop. To test the communication method recommended in the setup instructions, I created a basic web API with a service to do the connection:
```csharp
public MongoDbService(IConfiguration configuration)
{
    // Get MongoDB connection string and database name from configuration
    //var connectionString = configuration.GetConnectionString("MongoDb");
    var settings = MongoClientSettings.FromConnectionString("mongodb://localhost:27017/?authMechanism=MONGODB-X509");
    var clientCert = new X509Certificate2("mongodb-client.pem");
    var caCert = new X509Certificate2("ca.pem");
    settings.UseTls = true;
    settings.SslSettings = new SslSettings
    {
        ClientCertificates = new List<X509Certificate> { clientCert, caCert },
        EnabledSslProtocols = System.Security.Authentication.SslProtocols.Tls12, // Ensure TLS 1.2 or higher
        CheckCertificateRevocation = false, // Adjust based on your environment requirements
        ServerCertificateValidationCallback = (sender, certificate, chain, sslPolicyErrors) => true // Adjust based on your environment requirements
    };
    var client = new MongoClient(settings);
    var database = client.GetDatabase("test-db"); // Replace with your database name
    _collection = database.GetCollection<BsonDocument>("test-table"); // Replace with your collection name
}
```
If I step through the code I can see the CA and client files in the SslSettings field, but the logs for MongoDB show no SSL certificates being provided:
I’ve tried with mTLS turned on and off, with the same effects.
My MongoDB.Driver is v2.28.0 and MongoDB is v7.0.14.
Hoping you guys can help.
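
An added example, not part of the original post: a client setup that loads the private key together with the client certificate (`new X509Certificate2(path)` on a PEM file reads only the certificate, and a certificate without a private key cannot be presented for client authentication) and validates the server chain against the CA instead of accepting any certificate. It assumes .NET 5 or later, that `mongodb-client.pem` holds both the certificate and an unencrypted private key, and that `ca.pem` is the self-signed root; `MongoTlsClientFactory` and its method names are hypothetical.

```csharp
using System;
using System.Collections.Generic;
using System.Net.Security;
using System.Security.Authentication;
using System.Security.Cryptography.X509Certificates;
using MongoDB.Driver;

public static class MongoTlsClientFactory // hypothetical name, not a driver type
{
    // Assumed inputs: client PEM with certificate + unencrypted key, and the root CA PEM.
    public static MongoClient Create(string connectionString, string clientPemPath, string caPemPath)
    {
        var caCert = new X509Certificate2(caPemPath); // public certificate only, used as trust anchor
        // CreateFromPemFile (.NET 5+) reads the certificate and the private key from the same file.
        using var pemCert = X509Certificate2.CreateFromPemFile(clientPemPath);
        // Re-import as PKCS#12 so the key is usable by SslStream on Windows.
        var clientCert = new X509Certificate2(pemCert.Export(X509ContentType.Pkcs12));
        if (!clientCert.HasPrivateKey)
            throw new InvalidOperationException("Client certificate has no private key.");

        var settings = MongoClientSettings.FromConnectionString(connectionString);
        settings.UseTls = true;
        settings.SslSettings = new SslSettings
        {
            ClientCertificates = new List<X509Certificate> { clientCert }, // client identity only, not the CA
            EnabledSslProtocols = SslProtocols.Tls12,
            CheckCertificateRevocation = false, // assumes a private CA without CRL/OCSP endpoints
            ServerCertificateValidationCallback = (sender, certificate, chain, errors) =>
                ValidateAgainstCa(certificate, caCert, errors)
        };
        return new MongoClient(settings);
    }

    // Accept the server only if its host name matched and its chain ends at the supplied CA.
    private static bool ValidateAgainstCa(X509Certificate certificate, X509Certificate2 caCert, SslPolicyErrors errors)
    {
        if (certificate == null || (errors & SslPolicyErrors.RemoteCertificateNameMismatch) != 0)
            return false;
        using var chain = new X509Chain();
        chain.ChainPolicy.TrustMode = X509ChainTrustMode.CustomRootTrust;
        chain.ChainPolicy.CustomTrustStore.Add(caCert);
        chain.ChainPolicy.RevocationMode = X509RevocationMode.NoCheck;
        return chain.Build(new X509Certificate2(certificate));
    }
}
```

The `HasPrivateKey` check fails at startup rather than letting the handshake proceed with no client certificate, which is the condition the server log would otherwise be the only place to notice.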