Hi. I’m using MongDB Compass (version 1.21.2). I’m connecting using SSL. I need to pass the sslAllowInvalidHostnames when I connect. I can do it from the command-line, using the mongo CLI, but I can’t figure out how to pass it in Compass. I’m doing the configuration via “Fill in connection fields individually”, since I’m also setting up an SSH tunnel. Is there any way to configure my connection so sslAllowInvalidHostnames is set?
Thanks in advance,
Eric
Welcome to the Community forum
On the tab more options under SSL you can see Unvalidated(inseccure) option
Thanks @Ramachandra_Tummala. Unfortunately, if I select that option, it takes away my ability to pass a CA cert, which is something that I need to do. I also have a sneaking suspicion that selecting “Unvalidated (insecure)” allows invalid certificates rather thant invalid hostnames - but that’s just a hunch.
On command line -ssl takes both sslAllowInvalidHostnames & sslAllowInvalidCertificates as parameters
So closest that matches above on Compass is Unvalidated
Looks like sslAllowInvalidHostnames cannot be set on Compass as per below jira ticket
https://jira.mongodb.org/browse/COMPASS-2207
@Eric_Marthinsen As a workaroud are you able to updates hosts entries on your local machine wher compass runs ?
@chris Sorry about the delay. Yes, I can update host entries on my local machine. How might that workaround work?
@Eric you can add entries so that the hostnames match the subject certificate name(s). There shoule be no need for sslAllowInvalidHostnames.
Ah, I see what you mean. That makes sense. I’ll give it a shot.