Mongoose not sending SSL cert to MongoDB server

I'm having issues with using some self-signed SSL certificates with Mongoose. The thing that's getting me hung up is that I can connect to the database server just fine with the normal Mongo Node client, but when I try the connection using the exact same configuration with Mongoose.createConnection, I get an error message reading '[conn1] no SSL certificate provided by peer' when I check the Mongod logs.

This is the code I use to connect with the MongoClient.connect (works):

var MongoClient = require('mongodb').MongoClient
var fs = require('fs')  

// Read the certificates
const ca = [fs.readFileSync(process.env.caPath)];
const cert = fs.readFileSync(process.env.certPath);
let urlPath = ["mongodb://", username, ":", password, "@", dburl, ":", port, "/collection?&ssl=true"]
let url = urlPath.join('')

// Connect validating the returned certificates from the server
const options = {
  server: {
    ssl: true,
    sslValidate: true,
    sslCA: ca,
    sslCert: cert
  }
}

MongoClient.connect(url, options, function(err, db) {
  // do stuff
})

And this is the code using Mongoose.createConnection (doesn't work):

const mongoose = require('mongoose');
const fs = require('fs')

let urlPath = ["mongodb://", username, ":", password, "@", dburl, ":", port, "/collection?&ssl=true"]
let url = urlPath.join('')

var ca = [fs.readFileSync(process.env.caPath, 'utf8')];
var cert = fs.readFileSync(process.env.certPath, 'utf8');

const options = {
  server: {
    ssl: true,
    sslValidate: true,
    sslCA: ca,
    sslCert: cert
  }
}
const connection = mongoose.createConnection(url, options)

According to the Mongoose docs, this looks like the right way to connect, and to add to the weirdness, passing in the server options to Mongoose.connect seems to work as well.

Thank you!

I had the same problem, but I found that it was because I had cat'ed the key and certificate together in the same .pem file (as suggested in the mongodb docs).

But it's easily fixed, just specify the same file under both sslCert: and sslKey: like this:

const options = {
    server: {
        ssl: true,
        sslValidate: true,
        sslCA: ca,
        sslCert: cert,
        sslKey: cert
    }
}

In my case, it wasn't necessary to specify either authMechanism or authSource.
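
The check behind the fix in the answer above, as an added example that is not part of the original answer: it confirms that the client certificate file really contains both a CERTIFICATE block and a PRIVATE KEY block before the same contents are passed as sslCert and sslKey. The function names and the sample PEM text are constructed for illustration; in real use the strings would come from fs.readFileSync(path, 'utf8').

```javascript
// Added example: inspect a PEM bundle and build the legacy `server` TLS options
// shown on this page. pemBlockLabels/buildSslOptions are hypothetical helpers.

// Return the labels of all PEM blocks, e.g. ['CERTIFICATE', 'PRIVATE KEY'].
function pemBlockLabels(pemText) {
  const labels = [];
  const re = /-----BEGIN ([A-Z0-9 ]+)-----[\s\S]*?-----END \1-----/g;
  let m;
  while ((m = re.exec(pemText)) !== null) labels.push(m[1]);
  return labels;
}

// Build options for a client certificate. `keyPem` is optional: when omitted,
// the certificate file must itself contain the private key (the cat'ed layout).
function buildSslOptions(caPem, certPem, keyPem) {
  if (!pemBlockLabels(certPem).includes('CERTIFICATE')) {
    throw new Error('client certificate file has no CERTIFICATE block');
  }
  const keySource = keyPem !== undefined ? keyPem : certPem;
  // Matches 'PRIVATE KEY', 'RSA PRIVATE KEY', 'EC PRIVATE KEY', 'ENCRYPTED PRIVATE KEY'.
  const hasKey = pemBlockLabels(keySource).some((l) => l.endsWith('PRIVATE KEY'));
  if (!hasKey) {
    throw new Error('no PRIVATE KEY block found; pass the key file or a combined .pem');
  }
  return {
    server: {
      ssl: true,
      sslValidate: true,
      sslCA: [caPem],
      sslCert: certPem,
      sslKey: keySource,
    },
  };
}

// Constructed sample input (placeholder bodies, not real certificates or keys).
const SAMPLE_CA = '-----BEGIN CERTIFICATE-----\nAAAA\n-----END CERTIFICATE-----\n';
const SAMPLE_CERT_ONLY = '-----BEGIN CERTIFICATE-----\nBBBB\n-----END CERTIFICATE-----\n';
const SAMPLE_COMBINED = SAMPLE_CERT_ONLY +
  '-----BEGIN PRIVATE KEY-----\nCCCC\n-----END PRIVATE KEY-----\n';

const sampleOptions = buildSslOptions(SAMPLE_CA, SAMPLE_COMBINED);
console.log(Object.keys(sampleOptions.server).join(', '));
```

Calling buildSslOptions with a certificate-only file and no key argument throws before any connection attempt, which surfaces the missing key on the client side rather than in the mongod log.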

You need to set some additional authentication options (authMechanism and authSource) on mongoose.connect() to specify the SSL cert. See: https://docs.mongodb.com/manual/reference/connection-string/#authentication-options

These can be specified as options to mongoose like this: options.auth = { authMechanism: 'MONGODB-X509', authSource: '$external' }

then connect with those options:

this.mongoose.connect(uri, options, (err) => { ...
