Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-4406

Better warnings for missing SSL settings in mongod.conf

XMLWordPrintableJSON

    • Type: Icon: Improvement Improvement
    • Resolution: Done
    • Priority: Icon: Minor - P4 Minor - P4
    • 2.1.0
    • Affects Version/s: 2.0.1
    • Component/s: Usability
    • Labels:
      None
    • Environment:
      SSL enabled 2.0.1 64bit linux

      Can't start when using a mongod.conf file that has the sslPEMKeyFile value set and no value for sslOnNormalPorts or sslPEMKeyPassword.

      On the primary:

      Tue Nov 22 04:34:31 [conn3] replSet replSetInitiate admin command received from client
      Tue Nov 22 04:34:31 [conn3] replSet replSetInitiate config object parses ok, 3 members specified
      Tue Nov 22 04:34:31 [conn3] replSet warning example.com:27017 replied:

      { errmsg: "need to login", ok: 0.0 }

      On one of the other members:

      Tue Nov 22 04:34:31 [initandlisten] connection accepted from 1.1.3.4:54322 #4
      Tue Nov 22 04:34:31 [conn4] authenticate:

      { authenticate: 1, nonce: "2d2d2d2dd2d2d", user: "__system", key: "1372387dbd372e7328398dbd" }

      Tue Nov 22 04:34:31 [conn4] end connection 1.1.3.4:54322

      Fixing the mongod.conf to not set any of the 3 SSL options resolved the issue.

      It may be better to have the mongod config / command line validation create a more visible warning related to SSL settings

            Assignee:
            brandon Brandon Diamond
            Reporter:
            brandon Brandon Diamond
            Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

              Created:
              Updated:
              Resolved: