Hi currently Im using MongoDB:5.0.21 and Mongosh:1.5.4. I’m trying to enable tls for my connection to secure the data in transit. As such I don’t have valid authorised certificates, I thought of making use of the test certificates and I followed everything provided under Security → AppendixA, AppendixB and AppendixC. (https://www.mongodb.com/docs/manual/appendix/security/appendixA-openssl-ca/)
I followed all the steps under creating test certificate under CA, SERVER and CLIENT and modified my configuration file with following properties.
tls:
mode: requireTLS
certificateKeyFile: test-server1.pem
CAFile: test-ca.pem
FIPSMode: true
The Mongod service successfully started now. When I tried to connect to mongod via mongosh using the following command, it is throwing the error as MongoServerSelectionError: self signed certificate.
mongosh “mongodb://mongotest.net:27017/testdb” --tls --tlsCertificateKeyFile test-client.pem --tlsCAFile test-ca.pem
Is their anything I missed during the test certificate generation process ??
Now on the same connection string, if I append tlsInsecure=true as shown below and now Im able to login to mongoshell. But does this mean, the session is secured and data transfer over the network is secured ??
mongosh “mongodb://mongotest.net:27017/testdb?tlsInsecure=true” --tls --tlsCertificateKeyFile test-client.pem --tlsCAFile test-ca.pem
Thanks in advance