incorrectCredentials in remote server

Question

incorrectCredentials in remote server

natanrolnik opened this issue 7 years ago · comments

Hi! Thanks for this great package.

While developing a server side app locally, I had no problem. The MongoDB connection was open without any problem.

However, I'm deploying my app to a server (I've tried using Dokku on Ubuntu and also Heroku, both with the Swift Buildpack), and to my surprise, the exact same code gives the following error:

fatal error: Error raised at top level: MongoKitten.AuthenticationError.incorrectCredentials: file /home/buildnode/jenkins/workspace/oss-swift-4.0-package-linux-ubuntu-14_04/swift/stdlib/public/core/ErrorType.swift, line 187

The URI looks totally fine:

mongodb://<DBUser>:<DBPassword>@<First>.mongodb.net:27017,<Second>.mongodb.net:27017,<Third>.mongodb.net:27017/<DBName>?ssl=true&replicaSet=<ReplicaSet>&authSource=admin

The MongoDB instance is hosted by MongoDB Atlas, and the server IP is whitelisted correctly so it can access the DB. MongoDB version is 3.4

Any ideas why I might be receiving this error?

Joannis Orlandos · Answer 1 · Tue Oct 17 2017 16:40:04 GMT+0800 (China Standard Time)

Which MongoKitten version is this? #127 which you referenced showed this problem and was fixed in 4.0.11

Natan Rolnik · Answer 2 · Tue Oct 17 2017 17:30:30 GMT+0800 (China Standard Time)

@Joannis I'm using MongoKitten 4.1.1

Lauren Shultz · Answer 3 · Sat Mar 03 2018 03:11:15 GMT+0800 (China Standard Time)

Was this issue ever solved? I am having the same problem.

Lauren Shultz · Answer 4 · Wed Mar 07 2018 22:26:29 GMT+0800 (China Standard Time)

@Joannis

I have the same issue, I can connect to a local host but when I try to connect to through atlas I get an incorrectCredentials error, It seems to have something to do with this section:

if let certBytes = CFDataCreate(kCFAllocatorDefault, bytes, data.count), let cert = SecCertificateCreateWithData(kCFAllocatorDefault, certBytes) {                        
guard SSLSetCertificateAuthorities(context, cert, true) == 0 else {
                            throw Error.cannotConnect
                        }
}

This keeps throwing a -- Use of unresolved identifier 'SSLSetCertificateAuthorities' -- error. I commented it out and my local db worked fine but the atlas wont connect, I'm assuming the atlas connection requires this part of the code and wont work with it commented out but I cant get it to stop throwing the error.

I am running it on an iOS platform if that makes a difference.

Was this issue ever solved and if so how was fixed?

Valerio Mazzeo · Answer 5 · Tue Mar 20 2018 08:28:01 GMT+0800 (China Standard Time)

@Joannis I am experiencing the same issue.

v4.0.16 (latest compatible with Vapor 2)

Although when running from Xcode (macOS) I have no problem in connecting to Atlas.
When running on Linux (Ubuntu 14/16, with docker), I keep getting inconsistent errors:

Disconnecting all connections because we're reconnecting
Successfully created a new connection to the server at [myserver-00]
Found a master connection at [myserver-00]
Starting SASL authentication for [REDACTED] against admin
Proving authentication using "[REDACTED]"
Responding to the SASL challenge using payload "[REDACTED]"
Authentication was successful
Successfully created a new connection to the server at [myserver-01]
Starting SASL authentication for [REDACTED] against admin
Proving authentication using "[REDACTED]"
Responding to the SASL challenge using payload "[REDACTED]"
Authentication was successful
Successfully created a new connection to the server at [myserver-02]
Starting SASL authentication for [REDACTED] against admin
Authentication for MongoDB user [REDACTED] with SASL failed against Optional("admin") because of the following error
{"ok":0}
Couldn't open a connection to MongoDB at [myserver-02]
incorrectCredentials

Or

Starting SASL authentication for [REDACTED] against admin
Authentication for MongoDB user [REDACTED] with SASL failed against Optional("admin") because of the following error
{"ok":0,"codeName":"AtlasError","errmsg":"could not find config for [myserver-00]\u0002","code":8000}
Couldn't open a connection to MongoDB at [myserver-00]
incorrectCredentials

From https://docs.atlas.mongodb.com/connect-to-cluster/

Prerequisites

TLS/SSL
Clients must have support for TLS/SSL to connect to an Atlas cluster.

Clients must have support for the SNI TLS extension to connect to an Atlas M0 Free Tier or M2/M5 shared starter cluster.

It smells like something to do with SNI TLS.

-- Edit

After further investigation, in MongoSocket:

address hostname is shard-00-00-sbxe9.mongodb.net
hostname sent through SSL is the same.
Mongo Atlas comes back with an error complaining about shard-00-00-sbxe9.mongodb.netongodb.net

Valerio Mazzeo · Answer 6 · Tue Mar 20 2018 19:27:06 GMT+0800 (China Standard Time)

As I thought there was a memory leak on the hostname string. This has now been fixed in #157

@Joannis grateful if you could merge it and release a hot-fix.

Robbert Brandsma · Answer 7 · Mon Mar 26 2018 17:20:29 GMT+0800 (China Standard Time)

I'm closing this issue now that the PR has been merged