Mongodb Java驱动程序将无法通过TLS连接
[英]Mongodb Java driver won't connect via TLS
问题描述
Im trying to connect to my mongoDb over TLS. 
我试图通过TLS连接到我的mongoDb。 Therefore i started the daemon with following arguments: 因此,我使用以下参数启动了守护程序:
mongod --sslMode requireSSL --sslPEMKeyFile <pem> --sslCAFile <ca>
I imported my rootCA into a Java keystore and set it via JVM Arguments in my Java Client Application (Springboot). 我将rootCA导入到Java密钥库中,并通过Java客户端应用程序(Springboot)中的JVM Arguments对其进行设置。 I also set TLS to version 1.1 via a JVM Argument. 我还通过JVM Argument将TLS设置为1.1版。
However im getting following error: 但是我得到以下错误:
com.mongodb.MongoTimeoutException: Timed out after 10000 ms while waiting to
connect. Client view of cluster state is {type=Unknown, servers=
[{address=10.0.2.103:27017, type=Unknown, state=Connecting, exception=
{com.mongodb.MongoException$Network: Exception opening the socket}, caused
by {javax.net.ssl.SSLHandshakeException: Remote host closed connection
during handshake}, caused by {java.io.EOFException: SSL peer shut down
incorrectly}}]
My certificates are signed with my own CA. 我的证书是使用我自己的CA签名的。
I read online somethings about clientcertificates, but shouldnt be the CA enough to validate that the server has a valid Certificate? 我在线阅读了有关客户端证书的内容,但是CA是否足以验证服务器具有有效的证书?
EDIT: Solved the problem by installing a mongodb with SSL support. 编辑:通过安装具有SSL支持的mongodb解决了该问题。 Now ive ran into another Problem. 现在,我遇到了另一个问题。 Ive imported my ca.pem into my truststore and imported my client.pem into my keystore (and also set them in my springboot properties). 我已经将我的ca.pem导入了我的信任库,并将我的client.pem导入了我的密钥库(并在我的springboot属性中进行了设置)。 But the mongodb server always states: "no SSL certificate provided by peer". 但是mongodb服务器始终声明:“对等方未提供SSL证书”。 Why does this happen? 为什么会这样?
1 个解决方案
解决方案1
0 已采纳 2018-10-29 16:03:13
I solved my problem by installing another MongoDB version which included SSL support. 我通过安装另一个包含SSL支持的MongoDB版本解决了我的问题。 The one i had didnt. 我没有的那个。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.