Uploaded image for project: 'Mongoid'
  1. Mongoid
  2. MONGOID-4364

"SSL handshake failed" error for cluster accessible via Mongo shell.

    XMLWordPrintableJSON

Details

    • Icon: Bug Bug
    • Resolution: Done
    • Icon: Major - P3 Major - P3
    • 12_01_17
    • 6.0.2
    • None
    • None
    • Ubuntu 16.04 in a Docker 1.13 container; MongoDB 3.4.0-rc1 client and 3.2.10 server.

    Description

      When trying to access a MongoDB cluster running on Compose.io's infrastructure with Mongoid, it throws the following error:

      D, [2016-10-29T13:51:20.328988 #2891] DEBUG -- : MONGODB | Adding xxx.dblayer.com:15604 to the cluster.
      D, [2016-10-29T13:51:20.344174 #2891] DEBUG -- : MONGODB | SSL handshake failed. MongoDB may not be configured with SSL support.
      D, [2016-10-29T13:51:20.344528 #2891] DEBUG -- : MONGODB | Adding xxx.dblayer.com:15604 to the cluster.
      D, [2016-10-29T13:51:20.358100 #2891] DEBUG -- : MONGODB | SSL handshake failed. MongoDB may not be configured with SSL support.
      

      However, I'm able to log in via the Mongo shell:

      $ mongo --ssl --sslCAFile config/secrets/compose.crt xxx.dblayer.com/db_name -u user -p xxx
      MongoDB shell version v3.4.0-rc1
      connecting to: mongodb://xxx.dblayer.com/db_name
      MongoDB server version: 3.2.10
      WARNING: shell and server versions do not match
      Welcome to the MongoDB shell.
      For interactive help, type "help".
      For more comprehensive documentation, see
      	http://docs.mongodb.org/
      Questions? Try the support group
      	http://groups.google.com/group/mongodb-user
      mongos>
      

      I've verified that OpenSSL 1.0.2g is installed in the container, and that the connection works from my local machine (running macOS Sierra). This is my mongoid.yml file, with sensitive information redacted:

      mongoid.yml

      development:
        clients:
          default:
            uri: mongodb://user:<%= ENV['COMPOSE_MONGODB_PASSWORD'] %>@xxx.dblayer.com:15604,yyy.dblayer.com:15604/db_name_development?ssl=true
            options:
              ssl: true
              ssl_verify: true
              ssl_ca_cert: <%= Rails.root.join('config/secrets/compose.crt') %>
        options:
          raise_not_found_error: false
          scope_overwrite_exception: true
          use_utc: true
      test:
        clients:
          default:
            uri: mongodb://user:<%= ENV['COMPOSE_MONGODB_PASSWORD'] %>@xxx.dblayer.com:15604,yyy.dblayer.com:15604/db_name_test?ssl=true
            ssl: true
            ssl_verify: true
            ssl_ca_cert: <%= Rails.root.join('config/secrets/compose.crt') %>
            options:
              read:
                mode: :primary
              max_pool_size: 1
        options:
          raise_not_found_error: false
          scope_overwrite_exception: true
          use_utc: true
       
      staging:
        clients:
          default:
            uri: mongodb://user:<%= ENV['COMPOSE_MONGODB_PASSWORD'] %>@xxx.dblayer.com:15604,yyy.dblayer.com:15604/db_name_staging?ssl=true
            ssl: true
            ssl_verify: true
            ssl_ca_cert: <%= Rails.root.join('config/secrets/compose.crt') %>
            read:
              mode: :secondary_preferred
            options:
              max_pool_size: 75
              min_pool_size: 10
        options:
          raise_not_found_error: false
          scope_overwrite_exception: true
          use_utc: true
       
      production:
        clients:
          default:
            uri: mongodb://user:<%= ENV['COMPOSE_MONGODB_PASSWORD'] %>@xxx.dblayer.com:15604,yyy.dblayer.com:15604/db_name_production?ssl=true
            ssl: true
            ssl_verify: true
            ssl_ca_cert: <%= Rails.root.join('config/secrets/compose.crt') %>
            read:
              mode: :secondary_preferred
            options:
              max_pool_size: 75
              min_pool_size: 10
        options:
          raise_not_found_error: false
          scope_overwrite_exception: true
          use_utc: true
      

      At this point I'm not sure what else to try debugging. I'd appreciate any troubleshooting guidance you can provide! Thanks in advance for your help.

      Attachments

        Activity

          People

            emily.stolfo Emily Stolfo
            phyllisstein Daniel Shannon
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: