After Mongo Upgrade: The server certificate does not match the host name on valid wildcard cert

XMLWordPrintableJSON

    • Type: Question
    • Resolution: Works as Designed
    • Priority: Major - P3
    • None
    • Affects Version/s: None
    • Component/s: Security
    • Server Triage
    • None
    • 3
    • None
    • None
    • None
    • None
    • None
    • None
    • None

      I have a valid wildcard cert (e.g. *.domain.com), signed from a CA. Once I upgraded Mongo from 2.6.12 to 3.0.15 trying to connect with the mongo client I get:

      $ mongo --ssl --host hostname.other.other.domain.com --sslCAFile /etc/ssl/certs/mongodb-ca-certificates.crt --sslPEMKeyFile /etc/ssl/certs/mongodb.pem
MongoDB shell version: 3.0.15
connecting to: hostname.other.other.domain.com:27017/test
2018-04-03T15:23:59.622+0000 E NETWORK  The server certificate does not match the host name hostname.other.other.domain.com
2018-04-03T15:23:59.623+0000 E QUERY    Error: socket exception [CONNECT_ERROR] for
    at connect (src/mongo/shell/mongo.js:181:14)
    at (connect):1:6 at src/mongo/shell/mongo.js:181
exception: connect failed

      The only thing that changed is the Mongo version. Any suggestions to why this is not working ?
      The cert and the CA match and validate fine with openssl (The domain name above is just an example)

              Assignee:
              [HELP ONLY] Backlog - Triage Team
              Reporter:
              Konstantin Ivanov
              Votes:
              0 Vote for this issue
              Watchers:
              6 Start watching this issue

                Created:
                Updated:
                Resolved: