|
Here's some sample code showing how the client could provide the driver with the client side certificate for SSL:
var connectionString = "mongodb://somehost";
|
var clientSettings = MongoClientSettings.FromUrl(new MongoUrl(connectionString));
|
clientSettings.SslClientCertificate = new X509Certificate2("client.pfx", password);
|
clientSettings.UseSsl = true;
|
clientSettings.VerifySslCertificate = false; // only because the server's certificate in my testing environment was self signed
|
var client = new MongoClient(clientSettings);
|
In my testing scenario I was provided the client certificate in the form of a "client.pem" file which contained both the client certificate and the private key. I created a new "client.key" file by making a copy of "client.pem" and removing the certificate part with a text editor. I then used openssl to create the "client.pfx" file that Windows could work with:
openssl pkcs12 -in client.pem -inkey client.key -export -out client.pfx
|
openssl prompted for a password twice, once to read the client.key file and again to password protected the client.pfx output file.
|