MongoDB connection URI for SSL

Hi, I’m new to this community. Not sure if posting such a big description is okay. So here I go:

I’m working on JDK8 and using mongo-java-driver(v3.5.0) to connect MongoDB(v3.6.3) .

I’ve enabled SSL by following this article. I don’t have /etc/mongod.conf file, instead I’ve /etc/mongodb.conf file; so I’ve updated the SSL settings in that file:

# SSL options
# Enable SSL on normal ports
sslOnNormalPorts = true
# SSL Key file and password
sslPEMKeyFile = /etc/ssl/mongodb.pem
sslPEMKeyPassword = PASSWORD

I’m able to access mongo via mongo shell using:

mongo --ssl --sslCAFile /etc/ssl/rootCA.pem --sslPEMKeyFile /etc/ssl/mongodb.pem --host localhost

I want to connect MongoDB using Java driver. I initially tried the following JDBC connection string:


but as per documentation, there are no such options available. Also, I get error:

The connection string contains an invalid host 'localhost:27017/?ssl=true&sslAllowInvalidCertificates=true&sslPEMKeyFile=/etc/ssl'. The port '27017/?ssl=true&sslAllowInvalidCertificates=true&sslPEMKeyFile=/etc/ssl' is not a valid, it must be an integer between 0 and 65535

And when I try with the following connection string:


I get following error:

com.mongodb.MongoSocketWriteException: Exception sending message
    at com.mongodb.connection.InternalStreamConnection.translateWriteException( ~[mongo-java-driver-3.5.0.jar:?]
Caused by: PKIX path building failed: unable to find valid certification path to requested target

Could someone help me with what JDBC connection string I need to configure to connect successfully. Thank you.

Hi @Jitin_Dominic

Have you had a look at the Enable TLS/SSL on a Connection documentation? It should explain the basics of setting up a TLS connection to MongoDB from a Java application.



The documentation that you’ve shared is related to v4.7. And I’m using v3.6, so I’ve followed the this documentation

There is Java driver-specific TLS docs for 3.6 at TLS/SSL. As all the configuration is delegate to the JVM, it hasn’t really changed since then.

Sorry, I was out for couple of weeks. So I setup a MongoDB v4.4. Tried with new Java driver v3.12.11. Updated my connection URI to mongodb://localhost:27017/?ssl=true&tlsCertificateKeyFile=/etc/ssl/mongodb.pem&tlsCAFile=/etc/ssl/rootCA.pem

Also imported pem files using keytool but I still get the same error.