MongoDB Ops Manager not starting IPv4 listener

Ops and Admin
,
1

An Ops Manager instance has been set up for the internal development environment.
The server was started with no TLS on default port: 8080

A CSR file was generated and signed using the internal dev environment CA Server, and the resultant pem file was used to configure TLS for MongoDB Ops Manager

URL to access Ops Manager: https://instance-one.eng.corp.com:8443
PEM file: /ops-manager-data/instance-one.pem
CA file: /ops-manager-data/ca.pem
Client Certificate Mode: 'all requests'

The ops manager instance was up and running successfully.

cat /opt/mongodb/mms/logs/mms0.log | grep "listen"
2024-09-08T07:45:52.384+0000 [main] INFO  com.xgen.svc.core.ServerMain [ServerMain.java:createSSLConnector:908] - Creating HTTPS (1.1) listener on *:8443

However, the listener is active on IPv6 instead of IPv4.

tcp        0      0 127.0.0.53:53           0.0.0.0:*               LISTEN     
tcp        0      0 127.0.0.1:631           0.0.0.0:*               LISTEN     
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN     
tcp        0      0 0.0.0.0:27017           0.0.0.0:*               LISTEN     
tcp        0      0 0.0.0.0:27037           0.0.0.0:*               LISTEN     
tcp        0      0 0.0.0.0:27027           0.0.0.0:*               LISTEN     
tcp6       0      0 10.14.10.84:8080        :::*                    LISTEN     
tcp6       0      0 :::8443                 :::*                    LISTEN     
tcp6       0      0 :::22                   :::*                    LISTEN     
tcp6       0      0 ::1:631                 :::*                    LISTEN

In the conf-properties, the following properties were added to debug:

mms.http.bindhostname=10.1.2.84

Resultant: HTTP server is accessible on: http://10.1.2.84:8080, however the HTTPS instance is not reachable.
The CA.pem has been added to the cert list of Firefox instances also.

cat /opt/mongodb/mms/logs/mms0.log | grep "listen"
2024-09-08T07:45:52.384+0000 [main] INFO  com.xgen.svc.core.ServerMain [ServerMain.java:createSSLConnector:908] - Creating HTTPS (1.1) listener on *:8443
2024-09-08T07:45:52.386+0000 [main] INFO  com.xgen.svc.core.ServerMain [ServerMain.java:createNonSSLConnector:933] - Creating HTTP (1.1) listener on 10.14.10.84:8080

Debugging tried:

  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0
curl: (56) OpenSSL SSL_read: error:0A000412:SSL routines::sslv3 alert bad certificate, errno 0

is not throwing any error

Running:


Acceptable client certificate CA names
CN = NoSQL CA
Requested Signature Algorithms: ECDSA+SHA256:ECDSA+SHA384:ECDSA+SHA512:Ed25519:Ed448:RSA-PSS+SHA256:RSA-PSS+SHA384:RSA-PSS+SHA512:RSA-PSS+SHA256:RSA-PSS+SHA384:RSA-PSS+SHA512:RSA+SHA256:RSA+SHA384:RSA+SHA512:ECDSA+SHA1:RSA+SHA1
Shared Requested Signature Algorithms: ECDSA+SHA256:ECDSA+SHA384:ECDSA+SHA512:Ed25519:Ed448:RSA-PSS+SHA256:RSA-PSS+SHA384:RSA-PSS+SHA512:RSA-PSS+SHA256:RSA-PSS+SHA384:RSA-PSS+SHA512:RSA+SHA256:RSA+SHA384:RSA+SHA512
Peer signing digest: SHA256
Peer signature type: RSA-PSS
Server Temp Key: X25519, 253 bits
---
SSL handshake has read 1994 bytes and written 452 bytes
Verification: OK
---
New, TLSv1.3, Cipher is TLS_AES_256_GCM_SHA384
Server public key is 4096 bit
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
Early data was not sent
Verify return code: 0 (ok)
---
80FB818896700000:error:0A000412:SSL routines:ssl3_read_bytes:sslv3 alert bad certificate:../ssl/record/rec_layer_s3.c:1593:SSL alert number 42