top button
Flag Notify
    Connect to us
      Site Registration

Site Registration

Self signed certificate for replica set for MongoDB?

+1 vote
410 views

I am trying to setup SSL on my replica set, I am creating the CA with the command

openssl req -newkey rsa:2048 -new -x509 -days 36500 -nodes -out mongodb-cert.crt -keyout mongodb-cert.key

My Environment:

MongoDB 3.2.6
Ubuntu 14.04

My replica set have 3 servers, Is thats the correct way to create the CA ?

posted May 14, 2016 by anonymous

Looking for an answer?  Promote on:
Facebook Share Button Twitter Share Button LinkedIn Share Button
This document helps you to configure MongoDB to support TLS/SSL. MongoDB clients can use TLS/SSL to encrypt connections to mongod and mongos instances. MongoDB TLS/SSL implementation uses OpenSSL libraries.
Document link is missing.

Similar Questions
+2 votes

I am trying to compile httpd-2.4.7 from source, but i get the following error

"#error mod_ssl requires OpenSSL 0.9.8a or later"

But my installed openssl version is openssl-1.0.1e and I have specified it --with-ssl option.
Any suggestions?

0 votes

I was wondering if someone could clarify the difference between the configuration parameters 'compression' versus 'SSLDisableCompression' or point me to some documentation that explains it?

Do they both refer to the same type of compression?

Based on the Tomcat docs I know the former controls whether or not the connector uses gzip compression. Regarding the latter, the Tomcat docs say:
"Disables compression if set to true and OpenSSL supports disabling compression.". Is that referring to a different type of compression?

Here is the behavior I'm seeing:

--compression=on and SSLDisableCompression=false, the responses are gzip'd
--compression=on and SSLDisableCompression=true, the responses are gzip'd
--compression=off and SSLDisableCompression=false, the responses are not gzip'd

Environment:

Tomcat 7.0.40
Java 7
RHEL (Linux)
APR/native connector with SSL
OpenSSL 1.0.0
APR 1.4.8
+1 vote

I only want to enable client authentication when deploy a mongodb replica set, as dont want to use the --keyfile option. Cant find useful information relate to this scenario by google...

If yes, could you share some guide link if have?

0 votes

I have an WebAPI connected with mongoDB instance which is not configured or started with SSL/TSL.
When I implemented security certificate for my WebAPI, connection to mongoDB get fails. Any idea....

...