I’ve been trying to set up SSL/TLS encryption for my MongoDB on my AWS EC2 server using Let’s Encrypt certificates, but I keep getting an error when I run mongosh. The error message specifically states “Error: error:0909006C:PEM routines:get_name:no start line”.
I’ve checked and double-checked my certificate files, and they appear to be in the correct format with no syntax errors. I’ve also tried using both the fullchain.pem and privkey.pem files as the tlsCertificateKeyFile, but I keep getting the same error.
Here’s my current
net section of the configuration file:
# network interfaces net: port: 27017 bindIp: 0.0.0.0 # Enter 0.0.0.0,:: to bind to all IPv4 and IPv6 addresses or, alternatively, use the net.bindIpAll setting. tls: mode: requireTLS tlsCertificateKeyFile: /etc/letsencrypt/live/mysite.com/fullchain.pem tlsCAFile: /etc/letsencrypt/live/mysite.com/chain.pem
And here’s the command I’m using to run mongosh:
sudo mongosh --host mysite.com --port 27017 --tls --tlsCertificateKeyFile /etc/letsencrypt/live/mysite.com/fullchain.pem --tlsCAFile /etc/letsencrypt/live/mysite.com/chain.pem --tlsAllowInvalidCertificates --tlsAllowInvalidHostnames
I’ve tried restarting the MongoDB service after making changes to the configuration file, but the error persists.
Any ideas on what could be causing this error and how to fix it? Perhaps this is a question for the Let’s Encrypt forums?
Thank you in advance for your help!