Mongodb – Who can explain mongodb with ssl

mongodb ssl

I created certificates according to the instructions on the official website of MongoDB, but it doesn't work properly.

I have a replica set and self-signed certificates.

I need full encryption of traffic between replica members. How do I properly set up these replica members? And how do I enter the MongoDB shell?

I created certificates according to the instructions. In mongod.conf:

sslMode = requireSSL
sslPEMKeyFile = /etc/ssl/mongo.pem ...

and tried to add the parameter:

sslCAFile =  /etc/ssl/mongo.crt

and tried to enter:

mongo --ssl --sslPEMKeyFile /etc/ssl/mongo.pem --sslCAFile /etc/ssl/mongo.pem

or

mongo --ssl --sslPEMKeyFile /etc/ssl/mongo.pem --sslCAFile /etc/ssl/mongo.crt

I get the error – The server certificate does not match the host name.

If I use the client certificate, then I get the error: SSL peer certificate validation failed:self signed certificate.

The mongod service is up and running. Mongo version – 3.0.2. CentOS – 6.5 x64.

I went through a lot of links but haven't found a working solution.

If possible, can you please give me the steps?

Best Answer

When you create the self-signed certificate, you need to use a valid host name in the "Common Name" field, e.g.:

Common Name (eg, your name or your server's hostname) []: host.domain.com

If you want to use a domain certificate, you need to replace "host" with "*", e.g.:

Common Name (eg, your name or your server's hostname) []: *.domain.com
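The steps the answer describes, as an added example that is not part of the original answer: generate a self-signed certificate whose Common Name is the host name clients connect with, build the combined PEM for sslPEMKeyFile, and check which names the certificate covers. host.domain.com is the answer's sample name; the function names and the temporary directory are assumptions.

```shell
#!/bin/sh
# Added example, not from the original post. Function names are hypothetical;
# host.domain.com is a sample name and all files go to a temporary directory.

# make_cert CN DIR: create a self-signed key and certificate whose Common Name
# is CN, then build the combined PEM (private key + certificate) that
# sslPEMKeyFile expects. For a self-signed setup, mongo.crt doubles as sslCAFile.
make_cert() {
    cn=$1; dir=$2
    openssl req -x509 -newkey rsa:2048 -nodes -days 365 \
        -subj "/CN=$cn" \
        -keyout "$dir/mongo.key" -out "$dir/mongo.crt" 2>/dev/null || return 1
    cat "$dir/mongo.key" "$dir/mongo.crt" > "$dir/mongo.pem"
    chmod 600 "$dir/mongo.key" "$dir/mongo.pem"   # the private key stays owner-only
}

# cert_matches CERT HOST: succeed only if HOST is covered by the certificate.
# openssl reports the verdict as text ("does match" / "does NOT match"),
# so the function judges by the printed line.
cert_matches() {
    openssl x509 -in "$1" -noout -checkhost "$2" | grep -q 'does match certificate'
}

# Demonstration: a certificate issued for host.domain.com does not cover
# localhost, which is the "does not match the host name" situation.
tmp=$(mktemp -d)
make_cert host.domain.com "$tmp"
for h in host.domain.com localhost; do
    if cert_matches "$tmp/mongo.crt" "$h"; then
        echo "$h: match"
    else
        echo "$h: MISMATCH"
    fi
done
rm -rf "$tmp"
```

The host name the mongo shell connects to must be one for which cert_matches succeeds against the server's certificate.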