golang client fails to connect to mongo db server - sslv3 alert bad certificate

I'm trying to connect a Go client to a MongoDB server running with SSL enabled. I get a clear error message indicating that the handshake failed due to an SSL error. I use a self-signed certificate on the client side.

Got below from the mongodb server:

2017-05-13T04:38:53.910+0000 I NETWORK  [thread1] connection accepted from 172.17.0.1:51944 #10 (1 connection now open)
2017-05-13T04:38:53.911+0000 E NETWORK  [conn10] SSL: error:14094412:SSL routines:SSL3_READ_BYTES:sslv3 alert bad certificate
2017-05-13T04:38:53.911+0000 I -        [conn10] end connection 

Error from Go client:

Could not connect to mongodb_s1.dev:27017 x509: certificate signed by unknown authority (possibly because of "crypto/rsa: verification error" while trying to verify candidate authority certificate "XYZ")

Tried multiple options, but they didn't help.

You can skip TLS security checks using InsecureSkipVerify = true. This allows you to use self-signed certificates. See the code from compose help below.

Instead of skipping security checks, it is advisable to add the CA used to sign your certificates to the list of trusted CAs of the system.

package main

import (
    "crypto/tls"
    "fmt"
    "net"
    "os"
    "strings"

    "gopkg.in/mgo.v2"
)

func main() {
    uri := os.Getenv("MONGODB_URL")
    if uri == "" {
        fmt.Println("No connection string provided - set MONGODB_URL")
        os.Exit(1)
    }
    uri = strings.TrimSuffix(uri, "?ssl=true")

Here:

    tlsConfig := &tls.Config{}
    // InsecureSkipVerify turns off certificate chain and host name verification.
    tlsConfig.InsecureSkipVerify = true

    dialInfo, err := mgo.ParseURL(uri)

    if err != nil {
        fmt.Println("Failed to parse URI: ", err)
        os.Exit(1)
    }

And here:

    dialInfo.DialServer = func(addr *mgo.ServerAddr) (net.Conn, error) {
        conn, err := tls.Dial("tcp", addr.String(), tlsConfig)
        return conn, err
    }

    session, err := mgo.DialWithInfo(dialInfo)
    if err != nil {
        fmt.Println("Failed to connect: ", err)
        os.Exit(1)
    }

    defer session.Close()

    dbnames, err := session.DB("").CollectionNames()
    if err != nil {
        fmt.Println("Couldn't query for collections names: ", err)
        os.Exit(1)
    }

    fmt.Println(dbnames)

}
