
Unable to connect to AWS Documentdb using MongoDB Compass. No option to pass sslInvalidHostName

AWS DocumentDB is a relatively new service we're trying to migrate to. To connect from outside of the VPC, you have to create a tunnel to an existing instance.

For example:

ssh -i "ec2Access.pem" -L 27017:sample-cluster.cluster-cu52jq5kfddg.us-east-1.docdb.amazonaws.com:27017 [email protected] -N

And then you can connect from mongo shell with:

mongo --sslAllowInvalidHostnames --ssl --sslCAFile rds-combined-ca-bundle.pem --username <yourUsername> --password <yourPassword> 

You can see this info at: https://docs.aws.amazon.com/documentdb/latest/developerguide/connect-from-outside-a-vpc.html

I'm actually able to get a shell into DocumentDB following the above instructions, but I cannot connect to it using MongoDB Compass. We need to be able to do this for our non-developer team.

Bhavik Shah asked Feb 12 '19 02:02



1 Answer

I have done this using only MongoDB Compass (Community, v. 1.16.4), without creation of a tunnel via external tools.

Firstly, download AWS's certificate from: https://s3.amazonaws.com/rds-downloads/rds-combined-ca-bundle.pem. I got this link from: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.SSL.html

Also make sure that you have access to your DocDB cluster from the EC2 instance. To do this, look into the security group settings specified for your DocDB cluster. Given that you are able to get access using the mongo shell, you should have it.

Then on the connection screen in MongoDB Compass specify the following (your credentials used as an example):

  • Hostname: sample-cluster.cluster-cu52jq5kfddg.us-east-1.docdb.amazonaws.com
  • Port: 27017
  • Authentication: Username/Password
  • Username: YourDocDBUsername
  • Password: YourDocDBUserPassword
  • SSL: Server validation
  • Certificate Authority: (select downloaded rds-combined-ca-bundle.pem)
  • SSH Tunnel: Use identity file
  • SSH Hostname: ec2-34-229-221-164.compute-1.amazonaws.com
  • SSH Tunnel Port: 22
  • SSH Username: ubuntu
  • SSH Identity File: ec2Access.pem
OutOfNPE answered Sep 22 '22 09:09
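
Added example (not part of the question or the answer): the mongo shell command needs --sslAllowInvalidHostnames because the client dials the tunnel's local end while the certificate names the cluster, whereas Compass with its built-in SSH tunnel keeps the cluster hostname and can leave "Server validation" on. The Python sketch below shows that mismatch on a constructed sample certificate and, in probe(), how to dial the tunnel yet still verify the certificate against the cluster name; the wildcard SAN in SAMPLE_CERT and all function names are assumptions made for illustration.

```python
import socket
import ssl

# Cluster endpoint taken from the question; the certificate below is a
# constructed sample in getpeercert() format, not a captured AWS certificate.
CLUSTER = "sample-cluster.cluster-cu52jq5kfddg.us-east-1.docdb.amazonaws.com"
SAMPLE_CERT = {"subjectAltName": (
    ("DNS", "*.cluster-cu52jq5kfddg.us-east-1.docdb.amazonaws.com"),)}


def strict_context(ca_file=None):
    """TLS context that validates the chain and the hostname."""
    ctx = ssl.create_default_context(cafile=ca_file)
    ctx.check_hostname = True
    ctx.verify_mode = ssl.CERT_REQUIRED
    return ctx


def dns_names(cert):
    """DNS subjectAltName entries from a getpeercert() dict."""
    return [value for kind, value in cert.get("subjectAltName", ()) if kind == "DNS"]


def name_matches(pattern, host):
    """Simplified RFC 6125 match: '*' may stand for the leftmost label only."""
    p, h = pattern.lower().split("."), host.lower().split(".")
    return len(p) == len(h) and p[0] in ("*", h[0]) and p[1:] == h[1:]


def explain(cert, dialed_host, cluster_host):
    """Which of the two names would pass hostname verification?"""
    names = dns_names(cert)
    return {h: any(name_matches(n, h) for n in names)
            for h in (dialed_host, cluster_host)}


def probe(local_host, local_port, cluster_host, ca_file):
    """Dial the tunnel's local end, verify the certificate for cluster_host."""
    ctx = strict_context(ca_file)
    with socket.create_connection((local_host, local_port), timeout=10) as raw:
        with ctx.wrap_socket(raw, server_hostname=cluster_host) as tls:
            return tls.version(), dns_names(tls.getpeercert())


if __name__ == "__main__":
    print(explain(SAMPLE_CERT, "localhost", CLUSTER))
    # With the question's tunnel running and the CA bundle downloaded:
    # print(probe("localhost", 27017, CLUSTER, "rds-combined-ca-bundle.pem"))
```

probe() raises ssl.SSLCertVerificationError if the endpoint behind the tunnel presents a certificate that does not chain to the CA bundle or does not cover the cluster name.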