Details
-
Question
-
Resolution: Done
-
Trivial - P5
-
None
-
3.6.5
-
None
Description
Hello,
I bootstrapped a Mongo 3.6 server on Centos 7 and I'd like to use encryption in order to secure the communications between the server and my Node.JS clients.
My server and the clients are all behind the same VPC, i want to make it very simple. I've followed the documentation about the encryption (see: https://docs.mongodb.com/manual/tutorial/configure-ssl/). And I'm using the setting below in my /etc/mongod.conf
# mongod.conf
|
# for documentation of all options, see: |
# http://docs.mongodb.org/manual/reference/configuration-options/ |
# where to write logging data.
|
systemLog:
|
destination: file
|
logAppend: true |
path: /var/log/mongodb/mongod.log
|
# Where and how to store data.
|
storage:
|
dbPath: /opt/mongo
|
journal:
|
enabled: true |
# engine:
|
# mmapv1:
|
# wiredTiger:
|
# how the process runs
|
processManagement:
|
fork: true # fork and run in background |
pidFilePath: /var/run/mongodb/mongod.pid # location of pidfile
|
timeZoneInfo: /usr/share/zoneinfo
|
# network interfaces
|
net:
|
port: 27017 |
bindIp: 0.0.0.0 |
ssl:
|
mode: requireSSL
|
PEMKeyFile: /etc/ssl/mongodb.pem
|
allowInvalidHostnames: true |
allowInvalidCertificates: true |
allowConnectionsWithoutCertificates: true |
# bindIp: 127.0.0.1 # Listen to local interface only, comment to listen on all interfaces. |
security:
|
authorization: enabled
|
#operationProfiling:
|
#replication:
|
#sharding:
|
## Enterprise-Only Options
|
#auditLog:
|
#snmp:
|
Well, the server starts correctly and I can log in to it using a GUI client (Studio 3T) but when my apps cannot. They get "SSLHandshake failed" error. I use this connection string uri:
mongodb://username:password@host:27017/database?ssl=true&authSource=admin&ssl_ca_certs=/etc/ssl/certs/ca-bundle.crt
if you could give me some hints it would great, thank you!