If you use --fork with ssl, the --sslPEMKeyFile argument needs to be an absolute path, whereas --logpath does not
Works: mongod --sslOnNormalPorts --sslPEMKeyFile mongo-10gen-dublin-2048.pem --sslPEMKeyPassword mongo
Fails: mongod --sslOnNormalPorts --sslPEMKeyFile mongo-10gen-dublin-2048.pem --sslPEMKeyPassword mongo --fork --logpath mongod.log
Fri Feb 22 15:27:56.180 [initandlisten] MongoDB starting : pid=31237 port=27017 dbpath=/data/db/ 64-bit host=dan-tm2
Fri Feb 22 15:27:56.180 [initandlisten] db version v2.4.0-rc0, pdfile version 4.5
Fri Feb 22 15:27:56.180 [initandlisten] git version: 09967e98e5d6280305d85553cdb2dd12e2e1e149 modules: subscription
Fri Feb 22 15:27:56.180 [initandlisten] build info: Linux bs-e-ubuntu1104 2.6.38-13-virtual #57-Ubuntu SMP Mon Mar 5 21:16:08 UTC 2012 x86_64 BOOST_LIB_VERSION=1_49
Fri Feb 22 15:27:56.180 [initandlisten] allocator: tcmalloc
Fri Feb 22 15:27:56.180 [initandlisten] options: { fork: true, logpath: "mongod.log", sslOnNormalPorts: true, sslPEMKeyFile: "mongo-10gen-dublin-2048.pem", sslPEMKeyPassword: "<password>" }
Fri Feb 22 15:27:56.308 [initandlisten] journal dir=/data/db/journal
Fri Feb 22 15:27:56.308 [initandlisten] recover : no journal files present, no recovery needed
Fri Feb 22 15:27:56.481 [initandlisten] ERROR: cannot read certificate file: mongo-10gen-dublin-2048.pem error:02001002:system library:fopen:No such file or directory
Fri Feb 22 15:27:56.481 [initandlisten] exception in initAndListen: 16562 ssl initialization problem, terminating
Need to add --sslPEMKeyFile to the arguments that need to be converted from relative to absolute paths when mongod is run with --fork
- duplicates
-
SERVER-8524 --sslPEMKeyFile and other ssl arguments require the full path when using --fork
-
- Closed
-