Hi, while I am connecting to database via Python script by using Pymongo facing the below error on LDAP-enabled replica set servers (2 data nodes & 1 Arbiter)
Error connecting to MongoDB: Private key doesn’t match certificate: [(‘SSL routines’, ‘’, ‘ca md too weak’)
Mongodb Version: Percona 5.0.14
Python Version:3.7.5
OS: CentOS 7
The settings on the CA that issued the certificate are too weak. The CA needs to be recreated and certificates reissued.
Could you share step by step instructions to create certs with openssl using strong algorithm.
This is really out of scope of the community forums. While not too difficult to do, creating and managing a CA is also easy to get wrong.
I would not recommend using openssl to manage a certificate authority. Two that I would recommend are below.
Hashicorp Vault:
https://developer.hashicorp.com/vault/tutorials/secrets-management/pki-engine
Step CA:
https://smallstep.com/docs/step-ca/basic-certificate-authority-operations/#table-of-contents