Details
-
Bug
-
Resolution: Gone away
-
Major - P3
-
None
-
None
-
None
-
None
Description
Hello, I ran into an issue where setting tls=true in the connection string is erroring, but using ssl=true with no other changes succeeds. According to the docs these should be identical.
In the failing case, the connection string is:
'mongodb://username:password@10.2.0.200:27017/admin?appName=Genny&maxPoolSize=2000&replicaSet=rs0&socketTimeoutMS=-1&tls=true&tlsAllowInvalidHostnames=true'
|
and logs:
[2021/09/28 15:50:10.698] 15:50:10Z> [2021-09-28 15:50:10.660325] [0x00007fa7e25d2700] [error] Unexpected std::exception: No suitable servers found: `serverSelectionTimeoutMS` expired: [TLS handshake failed: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed]: failed to create a client session
|
[2021/09/28 15:50:10.698] 15:50:10Z> [2021-09-28 15:50:10.660408] [0x00007fa83f68c700] [error] Unexpected std::exception: No suitable servers found: `serverSelectionTimeoutMS` expired: [TLS handshake failed: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed]: failed to create a client session
|
[2021/09/28 15:50:10.698] 15:50:10Z> [2021-09-28 15:50:10.660445] [0x00007fa81c646700] [error] Unexpected std::exception: No suitable servers found: `serverSelectionTimeoutMS` expired: [TLS handshake failed: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed]: failed to create a client session
|
[2021/09/28 15:50:10.698] 15:50:10Z> [2021-09-28 15:50:10.660489] [0x00007fa81ce47700] [error] Unexpected std::exception: No suitable servers found: `serverSelectionTimeoutMS` expired: [TLS handshake failed: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed]: failed to create a client session
|
....
|
In the successful case, the connection string is:
'mongodb://username:password@10.2.0.200:27017/admin?appName=Genny&maxPoolSize=2000&replicaSet=rs0&socketTimeoutMS=-1&ssl=true&tlsAllowInvalidHostnames=true'
|
As seen, the tls=true and ssl=true are the only changes.