Issue deploying kubernetes MongoDB with SSL

I am trying to deploy a MongoDB with TLS authenticated (following these steps Deploy a Replica Set — MongoDB Kubernetes Operator 1.18). My database works properly when TLS is not enabled. The kubernetes mongo operator properly creates the csrs and I am able to approve them but then I receive the following error:

NETWORK [main] cannot read certificate file: /mongodb-automation/server.pem error:0906D06C:PEM routines:PEM_read_bio:no start line
CONTROL [main] Failed global initialization: InvalidSSLConfiguration: can not set up PEM key file

As these certificates are created by the kubernetes mongo system, I am unsure as to why they would not work/what I am missing.

Any advise/information/ideas would be greatly appreciated!

Thank you in advanced,
Calla

Hi Calla, thanks for reporting

can you please share the structure of the secret in kubernetes

the secret is resource-cert which contains one entry per pod with name resource-index-pem with the whole contents of the pem file

Let us know if this helps

Any further with this issue? I am trying to set this with OpenShift and getting this error
Mongo Logs: 2021-12-07T15:48:29.778+0000 E NETWORK [main] cannot read PEM key file: /mongodb-automation/server.pem error:0906D06C:PEM routines:PEM_read_bio:no start line 2021-12-07T15:48:29.779+0000 F CONTROL [main] Failed global initialization: InvalidSSLConfiguration: Can not set up PEM key file. : exit status 1

2021-12-08T06:32:07.841+0000 W CONTROL [main] Option: net.ssl.CAFile is deprecated. Please use net.tls.CAFile instead. 2021-12-08T06:32:07.841+0000 W CONTROL [main] Option: net.ssl.PEMKeyFile is deprecated. Please use net.tls.certificateKeyFile instead.
2021-12-08T06:32:07.841+0000 W CONTROL [main] Option: net.ssl.allowConnectionsWithoutCertificates is deprecated NETWORK [main] cannot read PEM key file: /mongodb-automation/server.pem Failed global initialization: InvalidSSLConfiguration: Can not set up PEM key file.

When checked
sh-4.2$ ls -ltr /mongodb-automation/server.pem
lrwxrwxrwx. 1 1000650000 root 61 Dec 8 06:20 /mongodb-automation/server.pem → /var/lib/mongodb-automation/secrets/certs/example-mongo-0-psh-4.2$ ls -ltr /var/lib/mongodb-automation/secrets/certs/
total 0
lrwxrwxrwx. 1 root 1000650000 26 Dec 8 06:20 example-mongo-2-pem → …data/example-mongo-2-pem
lrwxrwxrwx. 1 root 1000650000 26 Dec 8 06:20 example-mongo-1-pem → …data/example-mongo-1-pem
lrwxrwxrwx. 1 root 1000650000 26 Dec 8 06:20 example-mongo-0-pem → …data/example-mongo-0-pem
sh-4.2$em
But as such, there is on pem files in …data/. Not sure how does that gets created. But certainly not found in the mentioned location.

Following steps given in GitHub - IBM/openshift-mongodb-enterprise-operator-example: Using MongoDB Enterprise Operator with OpenShift and adding TLS using cert-manager