-
Type:
Bug
-
Resolution: Fixed
-
Priority:
Major - P3
-
None
-
Affects Version/s: 1.3.1
-
Component/s: None
-
None
-
Environment:Ubuntu 16.04
-
None
-
None
-
None
-
None
-
None
-
None
-
None
[amuralid@amuralid-master-vm:/localdisk...re_rwvx-build/rwlog]$ uname -a
Linux amuralid-master-vm 4.4.0-59-generic #80-Ubuntu SMP Fri Jan 6 17:47:47 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux
I am trying to configure self signed certificate for the mongo server by following the official MongoDB docs.
Having configured the private key and cert and mongodb conf, I am able to bring up the server and connect to it using mongo shell client and also using pymongo (PYTHON-1568).
client = MongoClient('mongodb://127.0.0.1:8006/?connectTimeoutMS=1000&ssl=true', ssl_ca_certs="/localdisk/amuralid/container/ub/US-gr-611/rift/.build/ub16_debug/install/usr/rift/certstore/domain.crt", ssl_keyfile="/localdisk/amuralid/container/ub/US-gr-611/rift/.build/ub16_debug/install/usr/rift/var/rift/lp1-mgmt-vm-lp-2/mongo_certs/server/mongo.pem") >>> >>> >>> client.admin.command('ping') {'ok': 1.0}
Now I tried mapping this setup to mongoc_ssl_opt_t, but it doesn't work, as select server results in Timeout with much error context.
Cannot ping database, No suitable servers found (`serverselectiontryonce` set)
I am trying to map the python arguments I used to the C structure. Can someone tell me what "ssl_ca_certs" and "ssl_keyfile" maps to in the C structure ?
certificate="/localdisk/amuralid/container/ub/US-gr-611/rift/.build/ub16_debug/install/usr/rift/certstore/domain.crt"; // Set the SSL/TLS options ssl_opts_ = {0}; ssl_opts_.pem_file = pem_path_.c_str(); ssl_opts_.ca_file = certificate; //ssl_opts_.weak_cert_validation = true; // set the ssl options mongoc_client_set_ssl_opts(client_, &ssl_opts_);
In my code above, "ssl_opts_.ca_file" points to the certificate and "ssl_opts_.pem_file" points to the concat of private key and certificate.
Thanks in advance