Hello, I have been attempting to setup a new community server with TLS but am running into issues.
I have created a valid certificate and deployed it to the server. The same certificate and configuration works on Mongodb 7.0. However when trying to start an 8.0 server I receive the following error:
{“t”:{“$date”:“2025-06-17T16:11:00.127Z”},“s”:“F”, “c”:“CONTROL”, “id”:20574, “ctx”:“main”,“msg”:“Error during global initialization”,“attr”:{“error”:{“code”:72,“codeName”:“InvalidOptions”,“errmsg”:“The use of TLS without specifying a chain of trust is no longer supported. See https://jira.mongodb.org/browse/SERVER-72839 for details.”}}}
However, when following the instructions on the page, the server starts, but now requires a client certificate, which is not desired behavior. “No SSL certificate provided by peer; connection rejected”
We would like to enforce TLS for the server, and the client validates the certificate as normal, however client auth should continue to be password based (not certificate based)
Please show us your configuration file. And please show the attributes of your certificates. We don’t need all of them, output of openssl x509 -in <certificate file> -noout -subject -issuer -ext extendedKeyUsage,keyUsage,basicConstraints is sufficient.