Description
Hello there,
I'm trying to get Node JS application to connect to mongos but it fails when I set requireSSL on the mongos service
Windows 2012 R2
Mongo 3.0.2
I have used openSSL to create CA certificate, server certificate and client certificate and updated mongo.conf file on my MongoD server (Server=mzapp1)
mode: requireSSL
|
PEMKeyFile: "C:\\Mongo\\Certificates\\mzapp1.pem"
|
CAFile: "C:\\Mongo\\Certificates\\MikeTestCA.pem"
|
On my MongoS server I have setup config file
mode: requireSSL
|
PEMKeyFile: "C:\\Mongo\\Certificates\\mzweb1.pem"
|
CAFile: "C:\\Mongo\\Certificates\\MikeTestCA.pem"
|
On the NodeJS service also running on mzweb1 server, I am connecting using:
hostname: "mzweb1",
|
port: 27017,
|
ssl: true,
|
sslCA: require('fs').readFileSync("C:\\Mongo\\Certificates\\MikeTestCA.pem"),
|
sslValidate: true,
|
sslKey: require('fs').readFileSync("C:\\Mongo\\Certificates\\client.pem"),
|
sslCert: require('fs').readFileSync("C:\\Mongo\\Certificates\\client.pem")
|
With this configuration I get error in MongoS log file when I try to connect using NodeJS
"NETWORK [conn6] AssertionException handling request, closing client connection: 17189 The server is configured to only allow SSL connections"
|
If I go to command prompt on mzweb1 and run mongo shell, then it connects fine using the following sytax, which seems to imply my MongoS setup is OK
C:\Mongo\MongoDB\bin\mongo --ssl --sslPEMKeyFile C:\Mongo\Certificates\client.pem --sslCAFile C:\Mongo\Certificates\MikeTestCA.pem -host mzweb1 -port 27017
|
However if I change the NodeJS application to point directly to the mongoD by changing host/port to mzapp1/27018 then it also connects fine, which seems to indicate the Client.PEM file is OK, so am confused why I am getting issues only when connecitng NodeJS to MongoS
My workaround at the moment is to leave my NodeJS pointing at MongoS, but changing MongoS to "mode: preferSSL" but obviously would prefer to have everything setup for TLS (and understand better how MongoS is working!)
Can any one advise ?
Thanks