Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Mongoose SSL, connection not accepted

So it took me a bit to set up a repl set with SSL and authorization. However, I have it set up and working finally, and can connect via command line providing the appropriate parameters. I'm trying to do the same thing with mongoose, however I keep getting an error in the mongodb logs, as follows: AssertionException handling request, closing client connection: 17189 The server is configured to only allow SSL connections Even though I specified all the ssl options.

My code is as follows:

var m = require('mongoose');

var key = fs.readFileSync('/home/node/mongodb/mongodb.pem');
var ca = [fs.readFileSync('/home/node/mongodb/ca.pem')];

var o = {
    server: {
        sslValidate:true,
        sslCA: ca,
        sslKey: key,
        sslCert:key
    },
    user: '****',
    pass: '****'
};

m.connect('mongodb://dbAddr/dbName', o)

I've tried setting sslValidate to false, same issue. I've tried without CA, cert, and/or key in multiple combinations. When I connect via command line it requires me to provide CA, and key+cert PEM file. So I figured the mongoose client would require these as well. I've tried both server and replset keys with the same exact outcome. I've even specified authSource(authDB), even though it appears this is not part of the problem, this still yields the same results.

I'm really confused especially since I have no problem doing this exact same thing via the mongo command.

My mongo shell command is as follows:

mongo --host db1 --ssl --sslPEMKeyFile /etc/mongodb/mongodb.pem  --sslCAFile /etc/mongodb/ca.pem -u *** -p *** --authenticationDatabase dbName
like image 434
tsturzl Avatar asked Sep 28 '15 23:09

tsturzl


1 Answers

Not depicted in the mongoDB node driver documentation, you must also provide the option {server: {ssl: true} in order to connect via SSL. If you do not, the other options are simple ignored.

However, if you dig into the mongoose issue tracker on github you'll find this, which recommends this exactly.

like image 68
tsturzl Avatar answered Sep 30 '22 23:09

tsturzl