Error: error:0909006C:PEM routines:get_name:no start line

Hi all,

I’ve been trying to set up SSL/TLS encryption for my MongoDB on my AWS EC2 server using Let’s Encrypt certificates, but I keep getting an error when I run mongosh. The error message specifically states “Error: error:0909006C:PEM routines:get_name:no start line”.

I’ve checked and double-checked my certificate files, and they appear to be in the correct format with no syntax errors. I’ve also tried using both the fullchain.pem and privkey.pem files as the tlsCertificateKeyFile, but I keep getting the same error.

Here’s my current net section of the configuration file:

# network interfaces
net:
  port: 27017
  bindIp: 0.0.0.0  # Enter 0.0.0.0,:: to bind to all IPv4 and IPv6  addresses or, alternatively, use the net.bindIpAll setting.
  tls:
      mode: requireTLS
      tlsCertificateKeyFile: /etc/letsencrypt/live/mysite.com/fullchain.pem
      tlsCAFile: /etc/letsencrypt/live/mysite.com/chain.pem

And here’s the command I’m using to run mongosh:

sudo mongosh --host mysite.com --port 27017 --tls --tlsCertificateKeyFile /etc/letsencrypt/live/mysite.com/fullchain.pem --tlsCAFile /etc/letsencrypt/live/mysite.com/chain.pem --tlsAllowInvalidCertificates --tlsAllowInvalidHostnames

I’ve tried restarting the MongoDB service after making changes to the configuration file, but the error persists.

Any ideas on what could be causing this error and how to fix it? Perhaps this is a question for the Let’s Encrypt forums?

Thank you in advance for your help!

1 Like

Hi, do you manage to fix the issue? I am having the same issue as well, i tried several different .pem issued by certbot but the same error persist.