-
Type: Question
-
Resolution: Done
-
Priority: Trivial - P5
-
None
-
Affects Version/s: 3.6.5
-
Component/s: Security
-
Labels:None
Hello,
I bootstrapped a Mongo 3.6 server on Centos 7 and I'd like to use encryption in order to secure the communications between the server and my Node.JS clients.
My server and the clients are all behind the same VPC, i want to make it very simple. I've followed the documentation about the encryption (see: https://docs.mongodb.com/manual/tutorial/configure-ssl/). And I'm using the setting below in my /etc/mongod.conf
# mongod.conf # for documentation of all options, see: # http://docs.mongodb.org/manual/reference/configuration-options/ # where to write logging data. systemLog: destination: file logAppend: true path: /var/log/mongodb/mongod.log # Where and how to store data. storage: dbPath: /opt/mongo journal: enabled: true # engine: # mmapv1: # wiredTiger: # how the process runs processManagement: fork: true # fork and run in background pidFilePath: /var/run/mongodb/mongod.pid # location of pidfile timeZoneInfo: /usr/share/zoneinfo # network interfaces net: port: 27017 bindIp: 0.0.0.0 ssl: mode: requireSSL PEMKeyFile: /etc/ssl/mongodb.pem allowInvalidHostnames: true allowInvalidCertificates: true allowConnectionsWithoutCertificates: true # bindIp: 127.0.0.1 # Listen to local interface only, comment to listen on all interfaces. security: authorization: enabled #operationProfiling: #replication: #sharding: ## Enterprise-Only Options #auditLog: #snmp:
Well, the server starts correctly and I can log in to it using a GUI client (Studio 3T) but when my apps cannot. They get "SSLHandshake failed" error. I use this connection string uri:
mongodb://username:password@host:27017/database?ssl=true&authSource=admin&ssl_ca_certs=/etc/ssl/certs/ca-bundle.crt
if you could give me some hints it would great, thank you!