SSH Tunnel fails : 'localhost' not in the cert's altnames

SqlBoosterUser shared this problem 56 days ago
Solved

Hi,

I'm experimenting with nosqlBooster for mongodb, it looks promising.

I'm trying to establish a connexion to AWS DocumentDB, using a SSH Tunnel.

It "almost" works.

I have to use a certificate provided by AWS.


If I create a tunnel manually, then run a command line connexion like that :


$ mongo --ssl --host localhost --port 27017 --sslCAFile rds-combined-ca-bundle.pem --username root --password

=> it works fine


But if I use NoSQLBooster to do the same :

- either by using the buil-in ssh-tunnel function

- or by using my manually created tunnel

On "SSL" Tab I set 'Use own RootCA file (--sslCAfile)'

Then the connexion fails with the error " 'localhost' not in the cert's altnames "


If I tick 'Accept self-signed SSLcertificates' instead, it works.


Also note thet the 'official' mongo client 'Compass' works fine.


Looks like 'locahost' should be trusted by default when using a ssh tunnel.


kind regards


NoSQLBoosterUser :)

Comments (4)

photo
1

UPDATE

I was able to connect using the flag --sslAllowInvalidHostnames after the certificate path

2eb7095864e88f4800fd619307625c80

photo
1

Thank you for your feedback.

We have worked out a new test build to add sslAllowInvalidHostnames option. Please download and try it again.

MacOS: https://s3.mongobooster.com/download/releasesv5/nosqlbooster4mongo-5.1.5-beta.1.dmg

/1fcae350123da4a325fe3488c69fd762

photo
1

Resolved in 5.1.5