[COMPASS-4816] Compass 1.26 inconsistency in SSL Certificate verification Created: 11/May/21  Updated: 29/Oct/23  Resolved: 03/Mar/22

Status: Closed
Project: Compass
Component/s: Compass
Affects Version/s: 1.26.0
Fix Version/s: 1.31.0

Type: Bug Priority: Major - P3
Reporter: Ari Rabinowitz Assignee: Unassigned
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Depends
depends on COMPASS-5232 Add connection `TLS/SSL` tab form inputs Closed
Epic Link: COMPASS-4948
Documentation Changes: Not Needed

 Description   

Problem Description

Compass 1.26.0 allows connections to a MongoDB which uses TLS with a self-signed certificate if you fill in the connection fields individually, but there seems to be no combination of connection string parameters which allow it to connect. Even copying the connection string which is displayed when you enter the fields individually and then click on "Paste connection string" does not work. It times out with a "self signed certificate" message.

Steps to Reproduce

Create a MongoDB with a self-signed certificate, open Compass and attempt to connect with a connection string of the form:
mongodb://<user>:<password>@10.0.0.101:27017/?authSource=admin&readPreference=primary&ssl=true

Expected Results

Compass opens the database.

Actual Results

Compass times out the connection and displays the message "self signed certificate".

Additional Notes

As stated in the Problem Description, the connection works when the individual fields are entered and SSL is set to Unvalidated (insecure) in the More Options tab.

I have tried the following variations of connect strings:
 

mongodb://<user>:<password>@10.0.0.101:27017/?authSource=admin&readPreference=primary&ssl=true

mongodb://<user>:<password>@10.0.0.101:27017/?authSource=admin&readPreference=primary&ssl=true&sslValidate=false

mongodb://<user>:<password>@10.0.0.101:27017/?authSource=admin&readPreference=primary&ssl=true&tlsAllowInvalidCertificates=true

mongodb://<user>:<password>@10.0.0.101:27017/?authSource=admin&readPreference=primary&ssl=true&sslInsecure=true

mongodb://<user>:<password>@10.0.0.101:27017/?authSource=admin&readPreference=primary&ssl=true&tlsInsecure=true



 Comments   
Comment by Maurizio Casimirri [ 03/Mar/22 ]

Compass 1.31 (currently in beta) has a different connection screen that does not suffer from this issue.

Generated at Wed Feb 07 22:37:32 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.