如何使用带环回的SSL连接到MongoDB数据库

时间:2015-09-25 03:18:01

标签: mongodb loopbackjs

我正在尝试使用环回连接到Rackspace w / SSL中的MongoDB数据库,但它无法正常工作。好像连接得很好;如果我输入了错误的凭据(故意),我会收到一条错误消息,说“"无法连接"”但是当我使用正确的凭据时没有错误显示,所以我认为我连接正常。但是,当我尝试查询数据库时,它总是超时,任何想法发生了什么?

我的datasources.json看起来像:

(0..99).to_a
[*0..99]
0.upto(99).to_a
[*0.upto( 99 )]
(0..99).map {|a| a}
(0..100).step(1).to_a

我一直在阅读有关需要证书文件的内容,但不确定在这种情况下是否适用。

非常感谢任何帮助!

4 个答案:

答案 0 :(得分:1)

使用datasources.env.js如下

var cfenv = require('cfenv');
var appenv = cfenv.getAppEnv();

// Within the application environment (appenv) there's a services object
var services = appenv.services;

// The services object is a map named by service so we extract the one for MongoDB
var mongodb_services = services["compose-for-mongodb"];

var credentials = mongodb_services[0].credentials;

// Within the credentials, an entry ca_certificate_base64 contains the SSL pinning key
// We convert that from a string into a Buffer entry in an array which we use when
// connecting.
var ca = [new Buffer(credentials.ca_certificate_base64, 'base64')];

var datasource = {
    name: "db",
    connector: "mongodb",
    url:credentials.uri,
    ssl: true,
    sslValidate: false,
    sslCA: ca
};
module.exports = {
    'db': datasource
};

http://madkoding.gitlab.io/2016/08/26/loopback-mongo-ssl/ https://loopback.io/doc/en/lb3/Environment-specific-configuration.html#data-source-configuration

答案 1 :(得分:1)

使用lb4 datasource命令创建数据源,编辑通过将SSL详细信息添加到config对象('ssl','sslvalidated','checkserverIdentity,sslCA,sslKey等)而生成的数据源。

import fs from 'fs';
import path from 'path';

const ca = fs.readFileSync(
  path.join(__dirname, '../../utils/certs/mongodbca.cert'),
  'utf8',
);

const config = {
  name: 'test_db',
  debug: true,
  connector: 'mongodb',
  url: false,
  host:'hostname',
  port: port,
  user: 'user',
  password: 'password',
  database: 'databasename',
  authSource: 'admin',
  useNewUrlParser: true,
  ssl: true,
  sslValidate: true,
  checkServerIdentity: false,
  sslCA: [ca],
};

答案 2 :(得分:0)

这对我有用,您可以猴子修补Mongo.connect()函数,通过该函数可以添加option参数。 创建一个引导脚本文件,该文件可以使用SSL证书的MongoDB选项参数来建立与MongoDB的安全连接,该代码片段下面的代码是用引导脚本js编写的。

//Below code is written in a boot script
var monog_cert_file = fs.readFileSync(path.join(__dirname, '../certificate_dir/mongodb.pem'));
var monog_ca_file = fs.readFileSync(path.join(__dirname, '../certificate_dir/rootCA.pem'));
var monog_key_file = fs.readFileSync(path.join(__dirname, '../certificate_dir/mongodb.pem'));

const mongoOptions = {
            ssl: true,
            sslValidate: false,
            sslCA:monog_ca_file,
            sslKey:monog_key_file,
            sslCert:monog_cert_file,
            authSource:"auth_db_name"
        };

//Patching Mongo connect For option variable
const mongodb = require('mongodb').MongoClient;
const ogConnect = mongodb.connect;
const connectWrapper = function(url,cb) {
      return ogConnect(url, mongoOptions, cb);
 }
mongodb.connect = connectWrapper;
//Patching Mongo connect For option variable

答案 3 :(得分:-2)

使用datasources.json,如下所示

 app_db: {
"host": "127.0.0.1",
"port": 27017,
"database": "test",
"name": "app_db",
"username": "youruser",
"password": "yourpassword",
"connector": "mongodb",
"ssl":true,
"server": {
  "auto_reconnect": true,
  "reconnectTries": 100,
  "reconnectInterval": 1000,
  "sslValidate":false,
  "checkServerIdentity":false,
  "sslKey":fs.readFileSync('path to key'),
  "sslCert":fs.readFileSync('path to certificate'),
  "sslCA":fs.readFileSync('path to CA'),
  "sslPass":"yourpassphrase if any"

}

用户名,
密码,
    auto_reconnect,
    尝试和间隔都是可选的     使用下面的链接来获取使用OpenSSL的证书
https://docs.mongodb.com/manual/tutorial/configure-ssl/

相关问题
最新问题