[SERVER-25134] Propagate isSelf replicaset sanitycheck errors to the client Created: 18/Jul/16  Updated: 06/Dec/22

Status: Backlog
Project: Core Server
Component/s: Replication
Affects Version/s: None
Fix Version/s: None

Type: Improvement Priority: Minor - P4
Reporter: Hannes Magnusson Assignee: Backlog - Replication Team
Resolution: Unresolved Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Assigned Teams:
Replication
Participants:

 Description   

~/Sources/mongo/mongod --sslMode requireSSL --sslPEMKeyFile tests/x509gen/altname.pem --sslCAFile tests/x509gen/ca.pem --dbpath /data/rs1 --replSet foo 

~/Sources/mongo/mongo --ssl --sslCAFile tests/x509gen/ca.pem --host localhost --sslPEMKeyFile tests/x509gen/client.pem 
MongoDB shell version: 3.3.8-545-g4d826ac
connecting to: localhost:27017/test
MongoDB server version: 3.3.8-545-g4d826ac
Server has startup warnings: 
 
> rs.initiate()
{
	"info2" : "no configuration specified. Using a default configuration for the set",
	"me" : "infant:27017",
	"ok" : 0,
	"errmsg" : "No host described in new configuration 1 for replica set foo maps to this node",
	"code" : 93
}

 
2016-07-18T13:07:38.611-0700 I COMMAND  [conn2] initiate : no configuration specified. Using a default configuration for the set
2016-07-18T13:07:38.611-0700 I COMMAND  [conn2] created this configuration for initiation : { _id: "foo", version: 1, members: [ { _id: 0, host: "infant:27017" } ] }
2016-07-18T13:07:38.611-0700 I REPL     [conn2] replSetInitiate admin command received from client
2016-07-18T13:07:38.612-0700 I NETWORK  [thread1] connection accepted from 127.0.0.1:34930 #5 (3 connections now open)
2016-07-18T13:07:38.620-0700 E NETWORK  [conn5] SSL peer certificate validation failed: unsupported certificate purpose
2016-07-18T13:07:38.621-0700 I -        [conn5] AssertionException handling request, closing client connection: 6 Recv failed
2016-07-18T13:07:38.621-0700 E NETWORK  [conn2] The server certificate does not match the host name infant
2016-07-18T13:07:38.621-0700 I -        [conn5] end connection 127.0.0.1:34930 (2 connections now open)
2016-07-18T13:07:38.621-0700 W NETWORK  [conn2] couldn't check isSelf (infant:27017) socket exception [CONNECT_ERROR] for The server certificate does not match the host name infant
2016-07-18T13:07:38.621-0700 E REPL     [conn2] replSet initiate got NodeNotFound: No host described in new configuration 1 for replica set foo maps to this node while validating { _id: "foo", version: 1, members: [ { _id: 0, host: "infant:27017" } ] }

Turns out, the certificate I had passed to mongod didn't match the hostname rs.initiate() defaulted to.

It would be nice and error from the "check isSelf" sanitycheck been propagated through to the client, which clearly said "The server certificate does not match the host name infant"


Generated at Thu Feb 08 04:08:21 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.