Securing Mongodb with TLS Authentication

bala_subramanian · October 6, 2022, 5:49pm

While Connecting to MongoDB using tls certificates we are facing the issue

Command issued:

sudo mongo --tls --host 127.0.0.1 --tlsCAFile /etc/ssl/self/root_self_CA.pem --tlsCertificateKeyFile /etc/ssl/self/mongodb_client.pem --tlsCertificateKeyFilePassword admin@123 --tlsAllowInvalidCertificates -u mongouser -p --authenticationDatabase admin

Error Log:

{“t”:{“$date”:“2022-10-06T04:23:17.891-04:00”},“s”:“I”, “c”:“NETWORK”, “id”:22988, “ctx”:“conn59”,“msg”:“Error receiving request from client. Ending connection from remote”,“attr”:{“error”:{“code”:141,“codeName”:“SSLHandshakeFailed”,“errmsg”:“SSL peer certificate validation failed: self signed certificate”},“remote”:“192.168.0.117:51786”,“connectionId”:59}}
{“t”:{“$date”:“2022-10-06T04:23:17.891-04:00”},“s”:“I”, “c”:“NETWORK”, “id”:22944, “ctx”:“conn59”,“msg”:“Connection ended”,“attr”:{“remote”:“192.168.0.117:51786”,“uuid”:“5f3c1381-8f37-446a-b43c-2aa7a42e0859”,“connectionId”:59,“connectionCount”:0}}

Please help me on this

Ramachandra_Tummala · October 7, 2022, 1:56am

It could be due to bindIp parameter
What is the value you set it to?
While connecting you are using localhost but it seems you are connecting remotely
Did you try with actual hostname instead of localhost/127.0.0.1
What is your os?
For Mac & Windows additional param like certificateselector is available