SSL peer certificate validation failed: unable to get local issuer certificate

Hi i’m getting the following error while trying to connect via mongoshell.

mongo mongodb+srv://sandbox-wyf9s.mongodb.net/test --username m001-student MongoDB shell version v4.2.3 Enter password: connecting to: mongodb://sandbox-shard-00-02-wyf9s.mongodb.net:27017,sandbox-shard-00-00-wyf9s.mongodb.net:27017,sandbox-shard-00-01-wyf9s.mongodb.net:27017/test?authSource=admin&compressors=disabled&gssapiServiceName=mongodb&replicaSet=Sandbox-shard-0&ssl=true 2020-02-25T11:37:24.868+0530 I NETWORK [js] Starting new replica set monitor for Sandbox-shard-0/sandbox-shard-00-02-wyf9s.mongodb.net:27017,sandbox-shard-00-00-wyf9s.mongodb.net:27017,sandbox-shard-00-01-wyf9s.mongodb.net:27017 2020-02-25T11:37:24.869+0530 I CONNPOOL [ReplicaSetMonitor-TaskExecutor] Connecting to sandbox-shard-00-01-wyf9s.mongodb.net:27017 2020-02-25T11:37:24.869+0530 I CONNPOOL [ReplicaSetMonitor-TaskExecutor] Connecting to sandbox-shard-00-02-wyf9s.mongodb.net:27017 2020-02-25T11:37:24.869+0530 I CONNPOOL [ReplicaSetMonitor-TaskExecutor] Connecting to sandbox-shard-00-00-wyf9s.mongodb.net:27017 ^C2020-02-25T11:37:29.498+0530 I CONTROL [main] shutting down with code:0 shanmugam-7652@shanmugam-7652:/ mongo mongodb+srv://sandbox-wyf9s.mongodb.net/test --username m001-student
MongoDB shell version v4.2.3
Enter password:
connecting to: mongodb://sandbox-shard-00-02-wyf9s.mongodb.net:27017,sandbox-shard-00-01-wyf9s.mongodb.net:27017,sandbox-shard-00-00-wyf9s.mongodb.net:27017/test?authSource=admin&compressors=disabled&gssapiServiceName=mongodb&replicaSet=Sandbox-shard-0&ssl=true
2020-02-25T11:37:47.321+0530 I NETWORK [js] Starting new replica set monitor for Sandbox-shard-0/sandbox-shard-00-02-wyf9s.mongodb.net:27017,sandbox-shard-00-01-wyf9s.mongodb.net:27017,sandbox-shard-00-00-wyf9s.mongodb.net:27017
2020-02-25T11:37:47.321+0530 I CONNPOOL [ReplicaSetMonitor-TaskExecutor] Connecting to sandbox-shard-00-01-wyf9s.mongodb.net:27017
2020-02-25T11:37:47.321+0530 I CONNPOOL [ReplicaSetMonitor-TaskExecutor] Connecting to sandbox-shard-00-00-wyf9s.mongodb.net:27017
2020-02-25T11:37:47.321+0530 I CONNPOOL [ReplicaSetMonitor-TaskExecutor] Connecting to sandbox-shard-00-02-wyf9s.mongodb.net:27017
2020-02-25T11:37:50.664+0530 E NETWORK [ReplicaSetMonitor-TaskExecutor] SSL peer certificate validation failed: unable to get local issuer certificate
2020-02-25T11:37:50.821+0530 I CONNPOOL [ReplicaSetMonitor-TaskExecutor] Connecting to sandbox-shard-00-01-wyf9s.mongodb.net:27017
2020-02-25T11:37:50.891+0530 W NETWORK [ReplicaSetMonitor-TaskExecutor] DNS resolution while connecting to sandbox-shard-00-02-wyf9s.mongodb.net:27017 took 3570ms
2020-02-25T11:37:52.711+0530 E NETWORK [ReplicaSetMonitor-TaskExecutor] SSL peer certificate validation failed: unable to get local issuer certificate
2020-02-25T11:37:52.768+0530 E NETWORK [ReplicaSetMonitor-TaskExecutor] SSL peer certificate validation failed: unable to get local issuer certificate
2020-02-25T11:37:52.768+0530 W NETWORK [ReplicaSetMonitor-TaskExecutor] Unable to reach primary for set Sandbox-shard-0
2020-02-25T11:37:52.768+0530 I NETWORK [ReplicaSetMonitor-TaskExecutor] Cannot reach any nodes for set Sandbox-shard-0. Please check network connectivity and the status of the set. This has happened for 1 checks in a row.
2020-02-25T11:37:52.821+0530 I CONNPOOL [ReplicaSetMonitor-TaskExecutor] Connecting to sandbox-shard-00-00-wyf9s.mongodb.net:27017
2020-02-25T11:37:52.821+0530 I CONNPOOL [ReplicaSetMonitor-TaskExecutor] Connecting to sandbox-shard-00-01-wyf9s.mongodb.net:27017
2020-02-25T11:37:52.832+0530 E NETWORK [ReplicaSetMonitor-TaskExecutor] SSL peer certificate validation failed: unable to get local issuer certificate
2020-02-25T11:37:53.321+0530 I CONNPOOL [ReplicaSetMonitor-TaskExecutor] Connecting to sandbox-shard-00-02-wyf9s.mongodb.net:27017
2020-02-25T11:37:53.368+0530 E NETWORK [ReplicaSetMonitor-TaskExecutor] SSL peer certificate validation failed: unable to get local issuer certificate
2020-02-25T11:37:53.470+0530 E NETWORK [ReplicaSetMonitor-TaskExecutor] SSL peer certificate validation failed: unable to get local issuer certificate
2020-02-25T11:37:54.751+0530 E NETWORK [ReplicaSetMonitor-TaskExecutor] SSL peer certificate validation failed: unable to get local issuer certificate
2020-02-25T11:37:54.821+0530 I CONNPOOL [ReplicaSetMonitor-TaskExecutor] Connecting to sandbox-shard-00-02-wyf9s.mongodb.net:27017
^C2020-02-25T11:37:54.866+0530 I CONTROL [main] shutting down with code:0

PC : ubuntu 18.04
mongoshell version : 4.2.3
Network : home network

Note : i can able to connect to same cluster with compass.
kindly help me to solve this.

Using your connection string, I get an “authentication failed” error with the password m001-mongodb-basics. Can you share the password for testing purposes? You can change it later.

Please review this post.

In addition to the post above, what Region is your Cluster located?

@007_jb

password : m001
cluster region : singapore

i tried to connect with cluster using mongoshell in my Mac, it worked fine.
I face this problem only in my ubuntu 18.04, which i needed most

I’s still getting an authentication error. Please double-check the username and password, and whitelist all IPs (for testing purposes).

Can you also confirm these:

  1. VPN - if you’re using a VPN disconnect from it and try again. If you’re not using VPN, use a VPN to connect to the US or Europe and try again.
  2. Proxy + firewall - are you using a Corporate network that’s behind a proxy? Also try disabling the firewall temporarily.
  3. In the connection strings page in Atlas, select version 3.4, copy and paste the connection string here.

Hi @007_jb
i’m not using vpn, this is the command used to connect.

mongo mongodb+srv://sandbox-wyf9s.mongodb.net/test --username m001-student --password m001

I couldn’t understand which version is 3.4 can you please share a screenshot of it?

Have you turned off the firewall? Are you using a work laptop?

@007_jb im using my personal laptop.

i couldn’t find the UI page that you have attached

in a connection string page i can able to find only option to download mongoshell

i tried also disabling firewall temporarily but the result is same

@Shanmugam_59718 do you mind confirming which country you’re located? I’ve seen some users in certain countries have problems connecting with SRV.

The following are your Atlas Sandbox connection strings for versions <=3.4. Try both of them and feedback:

  1. mongo "mongodb://sandbox-shard-00-00-wyf9s.mongodb.net:27017,sandbox-shard-00-01-wyf9s.mongodb.net:27017,sandbox-shard-00-02-wyf9s.mongodb.net:27017/test?replicaSet=Sandbox-shard-0" --tls --authenticationDatabase admin --username m001-student --password m001

  2. mongo "mongodb://sandbox-shard-00-00-wyf9s.mongodb.net:27017,sandbox-shard-00-01-wyf9s.mongodb.net:27017,sandbox-shard-00-02-wyf9s.mongodb.net:27017/test?replicaSet=Sandbox-shard-0" --ssl --authenticationDatabase admin --username m001-student --password m001

Also try these and let us know:

  1. mongo "mongodb+srv://m001-student:m001@sandbox-wyf9s.mongodb.net/test?authSource=admin&tls=true"

  2. mongo "mongodb+srv://m001-student:m001@sandbox-wyf9s.mongodb.net/test?authSource=admin&ssl=true"

It’s…
Connect > Connect with the Mongo Shell > I have the Mongo Shell installed