Connecting to MongoDB 4.2.10 Enterprise Encrypted Installation on Windows 10

Suzette Cohen shared this problem 9 months ago
Not a Problem

Unable to connect to Encrypted MongoDB 4.2.10 Enterprise edition on Windows 10

I Choose X.509 under Authentification, I Have root CA file and Client Certificate.

On windows Certificate file is .pfx file, I am asked for .pem file. Also with .pem file it uses deprecated SSL instead of TLS (we use TLS 1.2)

Replies (1)

photo
1

I tried it already. Still getting MongoError: authFailed at Connection.messageHandler

(C:\\Users\\UserName\\AppData\\Local\\Programs\\nosqlbooster4mongo\\resources\\app.asar\node_modules\\mongodb\\

lib\\core.connection\\connection.js:359:18

at Connection.emit (events.js:2013:13).....

Very long error stack ending with:

at TLSWrap.onStreamRead(internal/stream_base_common.js:166:17)

I added carriage return at the end of each line to make it easier to read.

It should all be one long string from Error to: (events.js:203:13)

May be it's because it uses: "SSL":true and not TLS.

photo
1

It is not SSL problem. The Connection string uses TLS, contains: tls=true in the connection string.

photo
1

The connection problem is difficult to solve, there are many factors that affect the connection problem, and we have no way to debug and reproduce the error locally unless you can provide a test database account that can be accessed remotely.

And, have you ever successfully connected to a mongo compass or mongo shell?

If the connection is successful, can you compare the configuration of the connection with the actual connection URI of NoSQLBooster.

Please use "test connection" to diagnose the connection and click "Copy report to clipboard", and send the report to me (support@nosqlbooster.com).

213991bdd0f446a3aa393dadfbbd69db

photo
1

I tested the connection. I have create CA certificate and mongoDb certificate using: OpenSSL. When I Press the To URI it says: tls=true, tlsCertificateKeyFile=CertName.pem...

But after pressing "Test Connection" it tries to connect with: ssl=true and sslCert=...

and changes the URI to: SSL instead of TLS.

The result is: failed to connect to server [ServerName:27017] on first connect {MongoError: auth failed...

TLSWrap.onStreamRead(internal/stream_base_common.js:167:17) {\n oj=0, code:18, codeName: AuthentificationFailed name:'MongoError'

I hope it helps.

photo
1

P.S. I do connect to Mongo from Command line using the same certificate (I use its thumbprint instead of Certificate file name.

photo
1

Hi

It also works with the same CA file and Certificate file.

I enter the file path as: C:\Crt\CAfile.pem and: C:\Crt\ClientCert.pem

photo
1

For the mongo client, tls=true and ssl=true are equivalent, there is no difference, this is not a problem. Please refer to http://mongodb.github.io/node-mongodb-native/3.6/api/MongoClient.html

If you ever successfully connected to the mongo compass GUI or mongo shell, could you give me your MongoDB URI or command-line parameters?

And, could you please give the full test report? Use "test connection" to diagnose the connection and click "Copy report to clipboard". You can also send an email to support(support@nosqlbooster.com).

photo
1

Hi

I successfully connected to mongo shell using:

mongo --host server1020 --tls --tlsCertificateKeyFile C:\Crt\MongoCert.pem --tlsCertificateKeyFilePassword=Password --tlsCAFile C:\Crt\CaCert.pem.

NoSQLBooster Connection Result is:


Version: 6.2.9


OS:{"platform":"win32","type":"Windows_NT","release":"6.1.7601","mem":"16G"}


License: Commercial 211180


Brief:


Connect to server1020 Status:OK Duration:


Error:


MongoNetworkError: failed to connect to server[server1020:27017] on first connect [MongoError: auth failed


Details:


08:58:28.812 ***Starting MongoClient.connect ***


{"options":{"appname":"NoSQLBoosterV6.2.9_81414.295","autoReconnect":true,"keepAlive":60000,"minSize":1,"poolSize":1,"promoteLongs":false,"promoteValues":false,"reconnectTries":172800,"ssl":true,"sslCA":"C:\\Crt\\CaCert.pem","sslCert":"C:\\Crt\\MongoCert.pem","sslKey":"C:\\Crt\\MongoCert.pem","sslPass":"******","sslValidate":false,"useNewUrlParser":true,"useUnifiedTopology":false},"uri":"mongodb://emailAddress%3Dadmin%40cads%2CCN%3Dserver1020%2COU%3DMLM%2CO%3DIAI%2CL%3DTA%2CST%3DISRAEL%2CC%3DIL@server1020:27017?authMechanism=MONGODB-X509&authSource=%24external&ssl=true"}


08:58:28.878 ***Connect Error ***


{"message":"failed to connect to server[server1020:27017] on first connect [MongoError: auth failed\n at Connection.messageHandler(C:\\Users\\Sue35\\AppData\\Local\\Programs\\nosqlbooster4mongo\\resources\\app.asar\\node_modules\\mongodb\\lib\\core\\connection\\connection.js:359:19)\n at Connection.emit(events.js:203:13)\n at processMessage(C:\\Users\\Sue35\\AppData\\Local\\Programs\\nosqlbooster4mongo\\resources\\app.asar\\node_modules\\mongodb\\lib\\core\\connection\\connection.js:451:10)\n at TLSSocket.<anonymous>(C:\\Users\\Sue35\\AppData\\Local\\Programs\\nosqlbooster4mongo\\resources\\app.asar\\node_modules\\mongodb\\lib\\core\\connection\\connection.js:620:15)\n atTLSSocket.emit (events.js:203:13)\n ataddChunk (_stream_readable.js:295:12)\n at readableAddChunk (_stream_readable.js:276:11)\n at TLSSocket.Readable.push(_stream_readable.js:210:10)\n atTLSWrap.onStreamRead (internal/stream_base_commons.js:166:17) {\n ok: 0,\n code: 18,\n codeName:'AuthenticationFailed',\n name:'MongoError'\n}]","name":"MongoNetworkError","stack":"MongoNetworkError:failed to connect to server [server1020:27017] on first connect [MongoError:auth failed\n at Connection.messageHandler(C:\\Users\\Sue35\\AppData\\Local\\Programs\\nosqlbooster4mongo\\resources\\app.asar\\node_modules\\mongodb\\lib\\core\\connection\\connection.js:359:19)\n at Connection.emit (events.js:203:13)\n at processMessage (C:\\Users\\Sue35\\AppData\\Local\\Programs\\nosqlbooster4mongo\\resources\\app.asar\\node_modules\\mongodb\\lib\\core\\connection\\connection.js:451:10)\n at TLSSocket.<anonymous>(C:\\Users\\Sue35\\AppData\\Local\\Programs\\nosqlbooster4mongo\\resources\\app.asar\\node_modules\\mongodb\\lib\\core\\connection\\connection.js:620:15)\n at TLSSocket.emit (events.js:203:13)\n at addChunk (_stream_readable.js:295:12)\n at readableAddChunk(_stream_readable.js:276:11)\n atTLSSocket.Readable.push (_stream_readable.js:210:10)\n at TLSWrap.onStreamRead(internal/stream_base_commons.js:166:17) {\n ok: 0,\n code: 18,\n codeName: 'AuthenticationFailed',\n name: 'MongoError'\n}]\n at Pool.<anonymous>(C:\\Users\\Sue35\\AppData\\Local\\Programs\\nosqlbooster4mongo\\resources\\app.asar\\node_modules\\mongodb\\lib\\core\\topologies\\server.js:438:11)\n at Pool.emit (events.js:203:13)\n at C:\\Users\\Sue35\\AppData\\Local\\Programs\\nosqlbooster4mongo\\resources\\app.asar\\node_modules\\mongodb\\lib\\core\\connection\\pool.js:562:14\n atC:\\Users\\Sue35\\AppData\\Local\\Programs\\nosqlbooster4mongo\\resources\\app.asar\\node_modules\\mongodb\\lib\\core\\connection\\pool.js:995:11\n at callback(C:\\Users\\Sue35\\AppData\\Local\\Programs\\nosqlbooster4mongo\\resources\\app.asar\\node_modules\\mongodb\\lib\\core\\connection\\connect.js:75:5)\n atC:\\Users\\Sue35\\AppData\\Local\\Programs\\nosqlbooster4mongo\\resources\\app.asar\\node_modules\\mongodb\\lib\\core\\connection\\connect.js:147:27\n at _callback(C:\\Users\\Sue35\\AppData\\Local\\Programs\\nosqlbooster4mongo\\resources\\app.asar\\node_modules\\mongodb\\lib\\core\\connection\\connection.js:328:7)\n at Connection.messageHandler(C:\\Users\\Sue35\\AppData\\Local\\Programs\\nosqlbooster4mongo\\resources\\app.asar\\node_modules\\mongodb\\lib\\core\\connection\\connection.js:359:9)\n at Connection.emit(events.js:203:13)\n at processMessage(C:\\Users\\Sue35\\AppData\\Local\\Programs\\nosqlbooster4mongo\\resources\\app.asar\\node_modules\\mongodb\\lib\\core\\connection\\connection.js:451:10)\n at TLSSocket.<anonymous>(C:\\Users\\Sue35\\AppData\\Local\\Programs\\nosqlbooster4mongo\\resources\\app.asar\\node_modules\\mongodb\\lib\\core\\connection\\connection.js:620:15)\n at TLSSocket.emit (events.js:203:13)\n at addChunk(_stream_readable.js:295:12)\n atreadableAddChunk (_stream_readable.js:276:11)\n at TLSSocket.Readable.push(_stream_readable.js:210:10)\n atTLSWrap.onStreamRead (internal/stream_base_commons.js:166:17)"}

photo
1

From the command line argument you gave to mongo shell, the auth mode should not be x.509, but should be None or Basic. Please change your authentication mode and try it again.

b6fa0d9a1d8614f2f0ff7091d41da59d

photo
1

Thanks.

I can connect now successfully.

photo
Leave a Comment
 
Attach a file