Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-4406

Better warnings for missing SSL settings in mongod.conf

    XMLWordPrintableJSON

Details

    • Icon: Improvement Improvement
    • Resolution: Done
    • Icon: Minor - P4 Minor - P4
    • 2.1.0
    • 2.0.1
    • Usability
    • None
    • SSL enabled 2.0.1 64bit linux

    Description

      Can't start when using a mongod.conf file that has the sslPEMKeyFile value set and no value for sslOnNormalPorts or sslPEMKeyPassword.

      On the primary:

      Tue Nov 22 04:34:31 [conn3] replSet replSetInitiate admin command received from client
      Tue Nov 22 04:34:31 [conn3] replSet replSetInitiate config object parses ok, 3 members specified
      Tue Nov 22 04:34:31 [conn3] replSet warning example.com:27017 replied:

      { errmsg: "need to login", ok: 0.0 }

      On one of the other members:

      Tue Nov 22 04:34:31 [initandlisten] connection accepted from 1.1.3.4:54322 #4
      Tue Nov 22 04:34:31 [conn4] authenticate:

      { authenticate: 1, nonce: "2d2d2d2dd2d2d", user: "__system", key: "1372387dbd372e7328398dbd" }

      Tue Nov 22 04:34:31 [conn4] end connection 1.1.3.4:54322

      Fixing the mongod.conf to not set any of the 3 SSL options resolved the issue.

      It may be better to have the mongod config / command line validation create a more visible warning related to SSL settings

      Attachments

        Activity

          People

            brandon Brandon Diamond
            brandon Brandon Diamond
            Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: