Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-11292

Connecting to ssl-encrypted mongod with non-ssl mongo shell generates confusing error

    XMLWordPrintable

    Details

    • Type: Improvement
    • Status: Open
    • Priority: Minor - P4
    • Resolution: Unresolved
    • Affects Version/s: None
    • Fix Version/s: Backlog
    • Component/s: Security, Shell
    • Labels:

      Description

      Connecting to an encrypted mongod from an unencrypted mongo shell generates this clear server log:

      2013-10-21T14:34:47.034-0400 [conn3] AssertionException handling request, closing client connection: 17189 The server is configured to only allow SSL connections

      however, from the mongo shell, the user sees:

      MongoDB shell version: 2.5.4-pre-
      connecting to: test
      2013-10-21T14:34:47.034-0400 DBClientCursor::init call() failed
      2013-10-21T14:34:47.034-0400 Error: DBClientBase::findN: transport error: 127.0.0.1:27017 ns: admin.$cmd query: { whatsmyuri: 1 } at src/mongo/shell/mongo.js:146
      exception: connect failed

      which leaves no helpful clue about how to fix the issue. In a perfect world we would print something helpful like "ERROR: Cannot connect to encrypted server with unencrypted mongo shell. Try running mongo with --ssl." This could prove to be too complicated and hackish to implement properly, but would be nice for usability.

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              backlog-server-security Backlog - Security Team
              Reporter:
              kyle.erf Kyle Erf
              Participants:
              Votes:
              0 Vote for this issue
              Watchers:
              5 Start watching this issue

                Dates

                Created:
                Updated: