DigiCert 证书不适用于 MongoDB
[英]DigiCert certificate not working with MongoDB
问题描述
Have generated the valid certificates from DigiCerts (CA file and the pem file) .
已从 DigiCerts 生成有效证书(CA 文件和 pem 文件)。 PEM file is the combination of private key and server certificate. PEM 文件是私钥和服务器证书的组合。 but somehow the mongo shell is not working with these certificates.但不知何故,mongo shell 无法使用这些证书。
Here is the setup: The environment :这是设置: 环境:
what we have我们有什么
Mongo server : Ubuntu 16.04 , mongo version : 4.0.10
have configured the /etc/mongod.conf file as well.也配置了/etc/mongod.conf文件。 mentioned the path of the Pem file and CA file correctly.正确提到了 Pem 文件和 CA 文件的路径。 the CN name matches the hostname and is exactly the same. CN 名称与主机名匹配并且完全相同。
what is the issue这是什么问题
but now when i run the following mongo command , it fails但是现在当我运行以下 mongo 命令时,它失败了
root@m1:/home/administrator# mongo --port 27017 --ssl --host m1.com –-sslPEMKeyFile /etc/pemfile.pem –-sslCAFile /etc/cafile.pem
MongoDB shell version v4.0.13 connecting to: mongodb://m1.com:27017/%E2%80%93-sslPEMKeyFile?gssapiServiceName=mongodb 2019-12-05T06:50:31.195-0500 I NETWORK [js] DBClientConnection failed to receive message from m1.com:27017 - SocketException: short read 2019-12-05T06:50:31.195-0500 E QUERY [js] Error: network error while attempting to run command 'isMaster' on host 'm1.com:27017' : connect@src/mongo/shell/mongo.js:344:17 @(connect):2:6 exception: connect failed root@m1:/home/administrator#
the current server is primary/master server i guess.我猜当前服务器是主/主服务器。
please suggest请建议
1 个解决方案
解决方案1
0 已采纳 2019-12-11 12:01:03
Finally found the solution on this.终于在这个问题上找到了解决方案。 The actual issue was , not having Trusted root certificate in the CA file.实际问题是,CA 文件中没有受信任的根证书。 CA file was having just DigiCert CA certificate but TrustedRoot certificate was missing. CA 文件只有 DigiCert CA 证书,但缺少 TrustedRoot 证书。
The moment i added the certificate , it started working.我添加证书的那一刻,它开始工作。 Thanks.谢谢。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.