Docs Menu
Docs Home
/ / /
PHP Library Manual

Connect to MongoDB

On this page

  • Overview
  • Sample Application
  • Connection
  • Atlas
  • Local Deployment
  • Replica Set
  • Transport Layer Security (TLS)
  • Enable TLS
  • Specify a Certificate Authority (CA) File
  • Disable OCSP Checks
  • Specify a Certificate Revocation List (CRL)
  • Present a Client Certificate
  • Provide a Certificate Key File Password
  • Allow Insecure TLS
  • Disable Certificate Validation
  • Disable Hostname Verification
  • Stable API

This page contains code examples that show how to connect your PHP application to MongoDB with various settings.

Tip

To learn more about the connection options on this page, see the link provided in each section.

To use a connection example from this page, copy the code example into the sample application or your own application. Make sure to replace all placeholders in the code examples, such as <hostname>, with the relevant values for your MongoDB deployment.

You can use the following sample application to test the code examples on this page. To use the sample application, perform the following steps:

  1. Ensure you have the MongoDB PHP Library installed in your project. To learn more about installing the MongoDB PHP Library, see the Download and Install guide.

  2. Copy the following code and paste it into a new .php file.

  3. Copy a code example from this page and paste it on the specified lines in the file.

1<?php
2
3require __DIR__ . '/../vendor/autoload.php';
4
5// Start example code here
6
7// End example code here
8
9try {
10 $client->test->command(['ping' => 1]);
11 echo 'Successfully pinged the MongoDB server.', PHP_EOL;
12} catch (MongoDB\Driver\Exception\RuntimeException $e) {
13 printf("Failed to ping the MongoDB server: %s\n", $e->getMessage());
14}

Important

Percent-Encoding

You must percent-encode a username and password before you include them in a MongoDB URI. You can use the rawurlencode() method to encode these values according to the URI syntax specified in RFC 3986. Don't percent-encode the username or password when passing them in an options array parameter to the MongoDB\Client constructor.

The following code shows how to connect to a MongoDB Atlas deployment:

$uri = '<Atlas connection string>';
$client = new MongoDB\Client($uri);

To learn more about connecting to an Atlas deployment, see Atlas in the Connection Targets guide.

The following code shows how to connect to a local MongoDB deployment:

$uri = 'mongodb://localhost:27017/';
$client = new MongoDB\Client($uri);

Note

If you don't specify the $uri parameter, the connection URI defaults to 'mongodb://127.0.0.1:27017'.

To learn more about connecting to a local deployment, see Local Deployments in the Connection Targets guide.

The following code shows how to connect to a replica set deployment:

$client = new MongoDB\Client(
'mongodb://<replica set member>:<port>/',
['replicaSet' => '<replica set name>'],
);
$uri = 'mongodb://<replica set member>:<port>/?replicaSet=<replica set name>';
$client = new MongoDB\Client($uri);

Tip

To maintain your connection to a replica set deployment when one host is down, you can provide multiple replica set members in the connection URI.

To learn more about connecting to a replica set, see Replica Sets in the Connection Targets guide.

The following code shows how to enable TLS for the connection to your MongoDB instance:

$client = new MongoDB\Client(
'mongodb://<hostname>:<port>/',
['tls' => true],
);
$uri = 'mongodb://<hostname>:<port>/?tls=true';
$client = new MongoDB\Client($uri);

To learn more about enabling TLS, see Enable TLS in the TLS Configuration guide.

The following code shows how to specify the path to your CA file for the connection to your MongoDB instance:

$client = new MongoDB\Client(
'mongodb://<hostname>:<port>/',
['tls' => true, 'tlsCAFile' => '/path/to/ca.pem'],
);
$uri = 'mongodb://<hostname>:<port>/?tls=true&tlsCAFile=/path/to/ca.pem';
$client = new MongoDB\Client($uri);

To learn more about specifying a CA file, see Specify a CA File in the TLS Configuration guide.

The following code shows how to prevent the driver from contacting the OCSP endpoint:

$client = new MongoDB\Client(
'mongodb://<hostname>:<port>/',
['tls' => true, 'tlsDisableOCSPEndpointCheck' => true],
);
$uri = 'mongodb://<hostname>:<port>/?tls=true&tlsDisableOCSPEndpointCheck=true';
$client = new MongoDB\Client($uri);

To learn more about disabling OCSP checks, see OCSP in the TLS Configuration guide.

The following code shows how to instruct the driver to verify the server's certificate against a CRL:

$client = new MongoDB\Client(
'mongodb://<hostname>:<port>/',
['tls' => true],
['crl_file' => '/path/to/file.pem'],
);

To learn more about specifying a CRL, see Certificate Revocation List in the TLS configuration guide.

The following code shows how to specify the client certificate that the driver presents to your MongoDB deployment:

$client = new MongoDB\Client(
'mongodb://<hostname>:<port>/',
['tls' => true, 'tlsCertificateKeyFile' => '/path/to/client.pem'],
);
$uri = 'mongodb://<hostname>:<port>/?tls=true&tlsCertificateKeyFile=/path/to/client.pem';
$client = new MongoDB\Client($uri);

To learn more about specifying a client certificate, see Present a Client Certificate in the TLS Configuration guide.

The following code shows how to specify the password for your client certificate:

$client = new MongoDB\Client(
'mongodb://<hostname>:<port>/',
[
'tls' => true,
'tlsCertificateKeyFile' => '/path/to/client.pem',
'tlsCertificateKeyFilePassword' => '<password>'
],
);
$uri = 'mongodb://<hostname>:<port>/?tls=true&tlsCertificateKeyFile=/path/to/client.pem&tlsCertificateKeyFilePassword=<password>';
$client = new MongoDB\Client($uri);

Important

When replacing the <password> placeholder in the connection URI, ensure that you percent-encode the value.

To learn more about providing a key file password, see Provide a Key Password in the TLS Configuration guide.

The following code shows how to relax TLS constraints, which has the same effect as disabling both certificate validation and hostname verification:

$client = new MongoDB\Client(
'mongodb://<hostname>:<port>/',
['tls' => true, 'tlsInsecure' => true],
);
$uri = 'mongodb://<hostname>:<port>/?tls=true&tlsInsecure=true';
$client = new MongoDB\Client($uri);

To learn more about allowing insecure TLS, see Allow Insecure TLS in the TLS Configuration guide.

Warning

Setting the tlsInsecure option to true might expose your application to security risks. Enabling this option makes your application insecure and potentially vulnerable to expired certificates and to foreign processes posing as valid client instances.

The following code shows how to disable certificate validation:

$client = new MongoDB\Client(
'mongodb://<hostname>:<port>/',
['tls' => true, 'tlsAllowInvalidCertificates' => true],
);
$uri = 'mongodb://<hostname>:<port>/?tls=true&tlsAllowInvalidCertificates=true';
$client = new MongoDB\Client($uri);

To learn more about disabling certificate validation, see Allow Insecure TLS in the TLS Configuration guide.

The following code shows how to disable hostname verification:

$client = new MongoDB\Client(
'mongodb://<hostname>:<port>/',
['tls' => true, 'tlsAllowInvalidHostnames' => true],
);
$uri = 'mongodb://<hostname>:<port>/?tls=true&tlsAllowInvalidHostnames=true';
$client = new MongoDB\Client($uri);

To learn more about disabling hostname verification, see Allow Insecure TLS in the TLS Configuration guide.

The following code shows how to enable the Stable API for the connection to your MongoDB instance:

$driverOptions = ['serverApi' => new MongoDB\Driver\ServerApi('1')];
$client = new MongoDB\Client(
'mongodb://<hostname>:<port>/',
[],
$driverOptions,
);

To learn more about the Stable API, see the Stable API guide.

Back

Next Steps