Uploaded image for project: 'Compass '
  1. Compass
  2. COMPASS-4816

Compass 1.26 inconsistency in SSL Certificate verification

    • Type: Icon: Bug Bug
    • Resolution: Fixed
    • Priority: Icon: Major - P3 Major - P3
    • 1.31.0
    • Affects Version/s: 1.26.0
    • Component/s: Compass
    • None
    • Not Needed

      Problem Description

      Compass 1.26.0 allows connections to a MongoDB which uses TLS with a self-signed certificate if you fill in the connection fields individually, but there seems to be no combination of connection string parameters which allow it to connect. Even copying the connection string which is displayed when you enter the fields individually and then click on "Paste connection string" does not work. It times out with a "self signed certificate" message.

      Steps to Reproduce

      Create a MongoDB with a self-signed certificate, open Compass and attempt to connect with a connection string of the form:
      mongodb://<user>:<password>@10.0.0.101:27017/?authSource=admin&readPreference=primary&ssl=true

      Expected Results

      Compass opens the database.

      Actual Results

      Compass times out the connection and displays the message "self signed certificate".

      Additional Notes

      As stated in the Problem Description, the connection works when the individual fields are entered and SSL is set to Unvalidated (insecure) in the More Options tab.

      I have tried the following variations of connect strings:
       

      mongodb://<user>:<password>@10.0.0.101:27017/?authSource=admin&readPreference=primary&ssl=true

      mongodb://<user>:<password>@10.0.0.101:27017/?authSource=admin&readPreference=primary&ssl=true&sslValidate=false

      mongodb://<user>:<password>@10.0.0.101:27017/?authSource=admin&readPreference=primary&ssl=true&tlsAllowInvalidCertificates=true

      mongodb://<user>:<password>@10.0.0.101:27017/?authSource=admin&readPreference=primary&ssl=true&sslInsecure=true

      mongodb://<user>:<password>@10.0.0.101:27017/?authSource=admin&readPreference=primary&ssl=true&tlsInsecure=true

            Assignee:
            Unassigned Unassigned
            Reporter:
            ari@decisionframeworksystems.com Ari Rabinowitz
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Created:
              Updated:
              Resolved: