Mongo DB connection URI for SSL and sslAllowInvalidCertificates
jbharath11 opened this issue · comments
Mongo DB connectivity with Shell is working fine.
> mongo localhost:37017/admin -u <username> -p <password> --authenticationDatabase admin --ssl --sslAllowInvalidCertificates
I can't able to connect to a mongo db with connection uri like below,
> mongo mongodb://<username>:<password>@localhost:27017/admin?ssl=true&sslAllowInvalidCertificates=true&authSource=admin
Error
2019-04-22T11:17:45.342-0400 E NETWORK [thread1] SSL peer certificate validation failed: self signed certificate in certificate chain
2019-04-22T11:17:45.342-0400 E QUERY [thread1] Error: socket exception [CONNECT_ERROR] for SSL peer certificate validation failed: self signed certificate in certificate chain :
connect@src/mongo/shell/mongo.js:251:13
@(connect):1:6
exception: connect failed
[1]- Exit 1 mongo mongodb://<username>:<password>@localhost:27017/admin?ssl=true
[2]+ Done sslAllowInvalidCertificates=true
Because mongo db kafka connector provides only URI format connection string for connectivity, Can you please update me how to use the sslAllowInvalidCertificates
property in the connection string?
hi @jbharath11 thanks for reporting your issue related to SSL connections. I didn't find the time to reproduce your problem locally but in general when you work with SSL/TLS connections using self-signed certs in Java you need to configure that on the JVM level as well.
please try to read through this http://mongodb.github.io/mongo-java-driver/3.10/driver/tutorials/ssl/ and let me know if you succeed or not.
@jbharath11 do you have any updates on this? please let me know otherwise I would suggest to close this for now. thx in advance
@hpgrahsl - Sorry for the delay. As mentioned the discussion, configuring the SSL CA certificates in Java/JVM resolves it and we need to pass ssl=true in URI.
mongo mongodb://:@localhost:27017/admin?ssl=true