if I compile the c driver with "-DENABLE_SSL=WINDOWS" (windows secure Channel), connection would be failed if the client pem key file has password.
the error info of log:
****************************************************
[error@stream-secure-channel] Failed to parse private key. ASN1 bad tag value me
t.
(0x8009310B)
[warning@stream-secure-channel] a client certificate has been requested
****************************************************
note:
1. I create the private key for the pem file with this command: openssl genrsa -des3 -out server.key 2048 , and then input password : 1234
using mongo.exe , I can connect with the same pem file and password from my own working computer successfully:
mongo --host 10.154.10.39 --ssl --authenticationDatabase admin --username user1 -p 123 --sslCAFile d:/ca.pem --sslPEMKeyFile d:/cry.pem --sslPEMKeyPassword 1234
however, if my program uses the mongocxx driver, always get failed.
2. if I use the driver which is compiled with "-DENABLE_SSL=OPENSSL", this issue dissapears.
3. my c++ program source code:
const auto uri = mongocxx::uri
;
mongocxx::options::client client_options;
if (uri.ssl())
....
- related to
-
CDRIVER-2008 Test X.509 authentication with Secure Channel
- Backlog