Cannot start MongoDB service after configuring TLS

Rajesh_Joseph · April 15, 2020, 12:12am

I am new to MongoDB. I have installed MongoDB, and have done the configurations. Everything works fine till I add the configuration for TLS.I am using a Self signed Certificate. The MongoDB version I am using is 4.2.5. I am using Windows Server 2016 Datacenter edition. I have enabled TLS (1.0, 1.1, 1.2 (Server)) in registry.

The below is my config file:

When I try to start the MongoDB service, I get the below error:

However, I noticed that when I take out the below statements from the config file, the service starts:
net:
tls:
mode: requireTLS
certificateSelector: thumdprint=“‎45b*********************************************37”

chris · April 15, 2020, 12:43am

looks like a typo. You have a d instead of b in thumbprint

Rajesh_Joseph · April 15, 2020, 1:33am

I tried with “thumbprint”, that also did not work

Ramachandra_Tummala · April 15, 2020, 3:38am

Please try with subject instead of thumbprint and check if it works

net:
tls:
mode: requireTLS
certificateSelector: subject=""

chris · April 15, 2020, 12:44pm

Look at your mongod logs and/or try starting mongod from the command line.

Shudhanshu_Shukla · July 15, 2020, 12:51pm

Hi All,

I am also using “CertificateSelector” using thumbprint and i am able to run mongo service as well
also i can pass --tlsCertificateSelector option while connecting using mongo.exe (client) and able to connect to the server.

but the poblem i am facing with mongodump and mongorestore utility i am not able to pass these parameters to take the database backup.

Can any one pls guide me how to take mongo dump if i am using “CertificateSelector” using command line

Thanks in Advance.