Uploaded image for project: 'C++ Driver'
  1. C++ Driver
  2. CXX-2388

tls=true fails

    XMLWordPrintableJSON

Details

    • Icon: Bug Bug
    • Resolution: Gone away
    • Icon: Major - P3 Major - P3
    • None
    • None
    • None
    • None

    Description

      Hello, I ran into an issue where setting tls=true in the connection string is erroring, but using ssl=true with no other changes succeeds. According to the docs these should be identical.

      In the failing case, the connection string is:

      'mongodb://username:password@10.2.0.200:27017/admin?appName=Genny&maxPoolSize=2000&replicaSet=rs0&socketTimeoutMS=-1&tls=true&tlsAllowInvalidHostnames=true'
      

      and logs:

      [2021/09/28 15:50:10.698] 15:50:10Z>  [2021-09-28 15:50:10.660325] [0x00007fa7e25d2700] [error]   Unexpected std::exception: No suitable servers found: `serverSelectionTimeoutMS` expired: [TLS handshake failed: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed]: failed to create a client session
       [2021/09/28 15:50:10.698] 15:50:10Z>  [2021-09-28 15:50:10.660408] [0x00007fa83f68c700] [error]   Unexpected std::exception: No suitable servers found: `serverSelectionTimeoutMS` expired: [TLS handshake failed: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed]: failed to create a client session
       [2021/09/28 15:50:10.698] 15:50:10Z>  [2021-09-28 15:50:10.660445] [0x00007fa81c646700] [error]   Unexpected std::exception: No suitable servers found: `serverSelectionTimeoutMS` expired: [TLS handshake failed: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed]: failed to create a client session
       [2021/09/28 15:50:10.698] 15:50:10Z>  [2021-09-28 15:50:10.660489] [0x00007fa81ce47700] [error]   Unexpected std::exception: No suitable servers found: `serverSelectionTimeoutMS` expired: [TLS handshake failed: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed]: failed to create a client session
      ....
      

      In the successful case, the connection string is:

      'mongodb://username:password@10.2.0.200:27017/admin?appName=Genny&maxPoolSize=2000&replicaSet=rs0&socketTimeoutMS=-1&ssl=true&tlsAllowInvalidHostnames=true'
      

      As seen, the tls=true and ssl=true are the only changes.

      Attachments

        Activity

          People

            kevin.albertson@mongodb.com Kevin Albertson
            vlad.rachev@mongodb.com Vlad Rachev (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: