2

I'm working on JDK8 and using mongo-java-driver(v3.5.0) to connect MongoDB(v3.6.3).

I've enabled SSL by following this article. I don't have /etc/mongod.conf file, instead I've /etc/mongodb.conf file; so I've updated the SSL settings in that file:

# SSL options
# Enable SSL on normal ports
sslOnNormalPorts = true
# SSL Key file and password
sslPEMKeyFile = /etc/ssl/mongodb.pem
sslPEMKeyPassword = PASSWORD

I'm able to access mongo via mongo shell using:

mongo --ssl --sslCAFile /etc/ssl/rootCA.pem --sslPEMKeyFile /etc/ssl/mongodb.pem --host localhost

I want to connect MongoDB using Java driver. I initially tried the following JDBC connection string:

mongodb://USER:PASSWORD@localhost:27017/?ssl=true&sslAllowInvalidCertificates=true&sslPEMKeyFile=/etc/ssl/mongodb.pem

but as per documentation, there are no such options available. Also, I get error:

The connection string contains an invalid host 'localhost:27017/?ssl=true&sslAllowInvalidCertificates=true&sslPEMKeyFile=/etc/ssl'. The port '27017/?ssl=true&sslAllowInvalidCertificates=true&sslPEMKeyFile=/etc/ssl' is not a valid, it must be an integer between 0 and 65535

And when I try with the following connection string:

url=mongodb://USER:PASSWORD@localhost:27017/?ssl=true

I get following error:

 com.mongodb.MongoSocketWriteException: Exception sending message
    at com.mongodb.connection.InternalStreamConnection.translateWriteException(InternalStreamConnection.java:445) ~[mongo-java-driver-3.5.0.jar:?]
.
...
Caused by: javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
.
...

Here's the code that I've used:

String url = "mongodb://USER:PASSWORD@localhost/?authSource=admin&ssl=true"
MongoClientURI connectionURI = new MongoClientURI(url)
mongoClient = new MongoClient(connectionURI)

Could someone help me with what JDBC connection string I need to configure to connect successfully. Thank you.

dev-eloper
  • 110
  • 11
  • https://mongodb.github.io/mongo-java-driver/3.5/driver/tutorials/connect-to-mongodb/#connection-options – Alex Blex Aug 04 '22 at 07:52
  • @AlexBlex I had tried this as well: `mongodb://USER:PASSWORD@localhost/?authSource=admin&ssl=true` And I keep getting the same exception related to `com.mongodb.MongoSocketWriteException: Exception sending message at com.mongodb.connection.InternalStreamConnection.translateWriteException(InternalStreamConnection.java:445) ~[mongo-java-driver-3.5.0.jar:?] . ... Caused by: javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target . ...` – dev-eloper Aug 05 '22 at 05:51
  • @AlexBlex Is there any additional configurations I need to do to make this run? – dev-eloper Aug 05 '22 at 05:55
  • To run what exactly? show at least some code how you connect. – Alex Blex Aug 05 '22 at 07:23
  • @AlexBlex, I've updated my question and added the code used. – dev-eloper Aug 08 '22 at 12:23
  • The error message says `javax.net.ssl.` complains it's "unable to find valid certification path", Did you add the pem to the trust store? if so, show the code – Alex Blex Aug 09 '22 at 22:11
  • Sorry @AlexBlex, I was out for couple of weeks. So I setup a MongoDB v4.4. Tried with new Java driver v3.12.11. Updated my connection URI to `mongodb://localhost:27017/?ssl=true&tlsCertificateKeyFile=/etc/ssl/mongodb.pem&tlsCAFile=/etc/ssl/rootCA.pem` Also imported pem files using keytool but I still get the same error. – dev-eloper Aug 24 '22 at 15:06
  • Any update on this? I am also facing the same issue. – Vijaya Seetharaman Apr 11 '23 at 01:25

0 Answers0