[GODRIVER-1779] SSL is disabled however client still sends SSL handshake Created: 03/Nov/20 Updated: 27/Oct/23 Resolved: 26/Nov/20 |
|
| Status: | Closed |
| Project: | Go Driver |
| Component/s: | None |
| Affects Version/s: | None |
| Fix Version/s: | None |
| Type: | Bug | Priority: | Major - P3 |
| Reporter: | Archit Pandey | Assignee: | Kevin Albertson |
| Resolution: | Gone away | Votes: | 0 |
| Labels: | None | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Environment: |
Mongo Go Driver v1.4.2, running inside go-alpine docker image |
||
| Description |
|
We're running a Go app (go driver v1.4.2) along with a 3 node replica set (using Mongodb helm chart) on our Kubernetes cluster. Our app is unable to connect to the replica set without passing "connect=direct" in the URI. We're seeing the following error in the app:
When browsing through the logs on our replica set primary, we came across this error:
So it looks like the client is sending SSL handshakes to the server. We've tried passing `ssl=false` in the URI however that did not change the behaviour. |
| Comments |
| Comment by Backlog - Core Eng Program Management Team [ 26/Nov/20 ] | |||||||||||
|
There hasn't been any recent activity on this ticket, so we're resolving it. Thanks for reaching out! Please feel free to comment on this if you're able to provide more information. | |||||||||||
| Comment by Kevin Albertson [ 11/Nov/20 ] | |||||||||||
|
Hello pandey.archit7@gmail.com, thank you for the report! I attempted to reproduce your issue by starting a replica set with a two node 4.4 replica set, configuring both nodes with TLS disabled, starting each mongod with a config file resembling:
I was able to connect and run commands against both the primary and secondary with the following connection string and did not observe any logged connection errors:
Note, ssl=false (or equivalently tls=false) is the default behavior. ssl=true or tls=true is required in the URL. How are you connecting to the replica set? If you are using a connection string like "mongodb+srv", I wonder if TLS is getting enabled via TXT record lookup. Additionally, what version of the server are you running? |