How to connect to MongoDB Enabled with SSL and Auth using java
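Question:
My CA certificate is cafile.pem and my PEM certificate is mongodb.pem. I am not sure how to use them in Java to authenticate and connect to MongoDB. Any suggestions would be appreciated. Let me know if more information is needed.
Scenario:
I am using mongo-java-driver-3.4.3.jar to connect to an SSL-enabled, authentication-enabled MongoDB 3.7.9 sharded cluster with 3 instances. Below is the Java code I tried for connecting to that server.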
import java.util.ArrayList;
import java.util.List;

import org.bson.Document;

import com.mongodb.MongoClient;
import com.mongodb.MongoClientOptions;
import com.mongodb.MongoCredential;
import com.mongodb.ReadPreference;
import com.mongodb.ServerAddress;
import com.mongodb.client.MongoCollection;
import com.mongodb.client.MongoDatabase;

public class Starter {

    public static void main(String[] args) {
        List<MongoCredential> mongoCredentials = new ArrayList<MongoCredential>();
        mongoCredentials.add(MongoCredential.
                createScramSha1Credential("admin", "admin", "admin".toCharArray()));

        List<ServerAddress> serverAddressArray = new ArrayList<ServerAddress>();
        serverAddressArray.add(new ServerAddress("xyz.domain.com", 27017));

        MongoClientOptions options = new MongoClientOptions.Builder()
                .sslInvalidHostNameAllowed(false)
                .sslEnabled(true)
                .readPreference(ReadPreference.primaryPreferred())
                .build();

        MongoClient mongoClient = new MongoClient(serverAddressArray, mongoCredentials, options);
        try {
            System.out.println("----- Step 1 ------");
            MongoDatabase db = mongoClient.getDatabase("CIM");
            System.out.println("----- Step 2 ------");
            MongoCollection<Document> collection = db.getCollection("orders");
            System.out.println("No of Documents in orders collection: " + collection.count());
        } catch (Exception ex) {
            System.out.println(ex.getMessage());
        }
    }
}
I am getting the following error:
----- Step 1 ------
----- Step 2 ------
Sep 20, 2018 2:48:02 PM com.mongodb.diagnostics.logging.JULLogger log
INFO: No server chosen by ReadPreferenceServerSelector{readPreference=ReadPreference{name=primaryPreferred}} from cluster description ClusterDescription{type=UNKNOWN, connectionMode=MULTIPLE, serverDescriptions=[ServerDescription{address=torvm-core16.sigma-systems.com:27017, type=UNKNOWN, state=CONNECTING}]}. Waiting for 30000 ms before timing out
Sep 20, 2018 2:48:03 PM com.mongodb.diagnostics.logging.JULLogger log
INFO: Exception in monitor thread while connecting to server xyz.domain.com:27017
com.mongodb.MongoSocketReadException: Prematurely reached end of stream
at com.mongodb.connection.SocketStream.read(SocketStream.java:88)
at com.mongodb.connection.InternalStreamConnection.receiveResponseBuffers(InternalStreamConnection.java:494)
at com.mongodb.connection.InternalStreamConnection.receiveMessage(InternalStreamConnection.java:224)
at com.mongodb.connection.CommandHelper.receiveReply(CommandHelper.java:134)
at com.mongodb.connection.CommandHelper.receiveCommandResult(CommandHelper.java:121)
at com.mongodb.connection.CommandHelper.executeCommand(CommandHelper.java:32)
.............
In any case, I am able to connect to the MongoServer with the following configuration in RoboMongo3T.
mongodb.pem
Bag Attributes
localKeyID: AA 4A 8D C5 AC CE 7A 08 F6 F1 00 2C 78 20 8D 0C 51 DE 66 F5
subject=/OU=Domain Control Validated/CN=*.xyz.com
issuer=/C=US/ST=Arizona/L=Scottsdale/O=GoDaddy.com, Inc./OU=http://certs.godaddy.com/repository//CN=Go Daddy Secure Certificate Authority - G2
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgIJAKpTjrMr7rpZMA0GCSqGSIb3DQEBCwUAMIG0MQswCQYD
.
.
.
-----END CERTIFICATE-----
Bag Attributes: <No Attributes>
subject=/C=US/ST=Arizona/L=Scottsdale/O=GoDaddy.com, Inc./OU=http://certs.godaddy.com/repository//CN=Go Daddy Secure Certificate Authority - G2
issuer=/C=US/ST=Arizona/L=Scottsdale/O=GoDaddy.com, Inc./CN=Go Daddy Root Certificate Authority - G2
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgIJAKpTjrMr7rpZMA0GCSqGSIb3DQEBCwUAMIG0MQswCQYD
.
.
.
-----END CERTIFICATE-----
Bag Attributes
localKeyID: AA 4A 8D C5 AC CE 7A 08 F6 F1 00 2C 78 20 8D 0C 51 DE 66 F5
Key Attributes: <No Attributes>
-----BEGIN PRIVATE KEY-----
MIIFPzCCBCegAwIBAgIJAKpTjrMr7rpZMA0GCSqGSIb3DQEBCwUAMIG0MQswCQYD
.
.
.
-----END PRIVATE KEY-----
cafile.pem
-----BEGIN CERTIFICATE-----
MIIEADCCAuigAwIBAgIBADANBgkqhkiG9w0BAQUFADBjMQswCQYDVQQGEwJVUzEh
.
.
.
.
.
-----END CERTIFICATE-----
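The following command created the mongodb.pkcs12 file:
openssl pkcs12 -export -out mongodb.pkcs12 -in mongodb.pem
I have to include this file in the file paths of the keyStore and trustStore in the code below (note: my code has also been changed and minimized).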
import org.bson.Document;

import com.mongodb.MongoClient;
import com.mongodb.MongoClientURI;
import com.mongodb.client.MongoCollection;
import com.mongodb.client.MongoDatabase;

public class Starter {

    private static MongoClient mongoClient;

    public static void main(String[] args) {
        // JVM-wide JSSE settings: the same PKCS12 file is used both as the
        // trust store (server verification) and as the key store (client certificate).
        System.setProperty("javax.net.ssl.trustStore", "mongodb.pkcs12");
        System.setProperty("javax.net.ssl.trustStorePassword", "yourPassword");
        System.setProperty("javax.net.ssl.keyStore", "mongodb.pkcs12");
        System.setProperty("javax.net.ssl.keyStorePassword", "yourPassword");

        // ssl=true in the URI turns on TLS for every host in the seed list.
        MongoClientURI mongoClientURI = new MongoClientURI(
                "mongodb://admin:admin@hostname3.xyz.com,hostname2.xyz.com:27017,hostname3.xyz.com:27017/admin?ssl=true");
        mongoClient = new MongoClient(mongoClientURI);
        try {
            MongoDatabase db = mongoClient.getDatabase("CIM");
            MongoCollection<Document> collection = db.getCollection("orders");
            System.out.println("No of Documents in orders collection: " + collection.count());
        } catch (Exception ex) {
            System.out.println(ex.getMessage());
        }
    }
}
The code above runs fine; below is the output I get:
Sep 24, 2018 3:49:13 PM com.mongodb.diagnostics.logging.JULLogger log
INFO: Discovered cluster type of SHARDED
Sep 24, 2018 3:49:15 PM com.mongodb.diagnostics.logging.JULLogger log
INFO: Opened connection [connectionId{localValue:4}] to hostname3.xyz.com:27017
No of Documents in orders collection: 3
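
An added example, not part of the original post: it builds the TLS context per client instead of through JVM-wide system properties, trusting only the CA certificate(s) in cafile.pem while the private key stays in mongodb.pkcs12 as the client identity. It assumes cafile.pem holds the CA that issued the server certificate, that the password is supplied by the caller, and that the 3.x driver's MongoClientOptions.Builder.socketFactory method is used; the class and method names are hypothetical.

```java
import java.io.FileInputStream;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManagerFactory;
import com.mongodb.MongoClientOptions;

public class MongoTlsContext { // hypothetical helper, not from the post

    /** In-memory trust store holding only the CA certificate(s), never a private key. */
    static KeyStore loadTrustAnchors(String caPemPath) throws Exception {
        KeyStore trust = KeyStore.getInstance(KeyStore.getDefaultType());
        trust.load(null, null); // start with an empty store
        CertificateFactory cf = CertificateFactory.getInstance("X.509");
        try (InputStream in = new FileInputStream(caPemPath)) {
            int i = 0;
            for (Certificate ca : cf.generateCertificates(in)) {
                trust.setCertificateEntry("ca-" + i++, ca);
            }
        }
        return trust;
    }

    /** Verifies the server against the CA and presents the client key pair from the PKCS12 file. */
    static SSLContext build(String caPemPath, String pkcs12Path, char[] password) throws Exception {
        TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(loadTrustAnchors(caPemPath));

        KeyStore identity = KeyStore.getInstance("PKCS12");
        try (InputStream in = new FileInputStream(pkcs12Path)) {
            identity.load(in, password);
        }
        KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        kmf.init(identity, password);

        SSLContext ctx = SSLContext.getInstance("TLS");
        ctx.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
        return ctx;
    }

    /** Driver options: TLS on, hostname verification kept on, custom socket factory. */
    static MongoClientOptions options(SSLContext ctx) {
        return MongoClientOptions.builder()
                .sslEnabled(true)
                .sslInvalidHostNameAllowed(false)
                .socketFactory(ctx.getSocketFactory())
                .build();
    }
}
```

The returned options object is passed to the MongoClient constructor in the same way as the options object in the first listing; the password can be read at startup from wherever the deployment keeps secrets rather than from a string literal.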