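Connection problem with MongoDB Atlas and SSL

Time: 2017-03-18 08:53:05

Tags: mongodb ssl

I created a cluster using MongoDB Atlas. However, I am unable to connect to it using my local mongo shell.

When I use the connection string below, it says --ssl is not recognised.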

Harshavardhans-MacBook-Pro:bin harshavmb$ mongo "mongodb://m123-rs1-shard-00-00-wn1jr.mongodb.net:27017,m123-rs1-shard-00-01-wn1jr.mongodb.net:27017,m123-rs1-shard-00-02-wn1jr.mongodb.net:27017/test?replicaSet=m123-rs1-shard-0" --authenticationDatabase admin --ssl --username mongoadmin --password *****

Error parsing command line: unrecognised option '--ssl'
try 'mongo --help' for more information

If I remove --ssl and try again, I see the output below.

Harshavardhans-MacBook-Pro:bin harshavmb$ mongo "mongodb://m123-rs1-shard-00-00-wn1jr.mongodb.net:27017,m123-rs1-shard-00-01-wn1jr.mongodb.net:27017,m123-rs1-shard-00-02-wn1jr.mongodb.net:27017/test?replicaSet=m123-rs1-shard-0" --authenticationDatabase admin --username mongoadmin --password ****
MongoDB shell version: 3.2.10
connecting to: mongodb://m123-rs1-shard-00-00-wn1jr.mongodb.net:27017,m123-rs1-shard-00-01-wn1jr.mongodb.net:27017,m123-rs1-shard-00-02-wn1jr.mongodb.net:27017/test?replicaSet=m123-rs1-shard-0
2017-03-18T14:19:00.820+0530 I NETWORK  [thread1] Starting new replica set monitor for m123-rs1-shard-0/m123-rs1-shard-00-00-wn1jr.mongodb.net:27017,m123-rs1-shard-00-01-wn1jr.mongodb.net:27017,m123-rs1-shard-00-02-wn1jr.mongodb.net:27017
2017-03-18T14:19:00.820+0530 I NETWORK  [ReplicaSetMonitorWatcher] starting
2017-03-18T14:19:06.255+0530 I NETWORK  [thread1] Socket recv() timeout  35.167.185.140:27017
2017-03-18T14:19:06.258+0530 I NETWORK  [thread1] SocketException: remote: (NONE):0 error: 9001 socket exception [RECV_TIMEOUT] server [35.167.185.140:27017] 
2017-03-18T14:19:07.040+0530 I NETWORK  [thread1] Socket recv() errno:54 Connection reset by peer 35.162.95.185:27017
2017-03-18T14:19:07.040+0530 I NETWORK  [thread1] SocketException: remote: (NONE):0 error: 9001 socket exception [RECV_ERROR] server [35.162.95.185:27017] 
2017-03-18T14:19:07.757+0530 I NETWORK  [thread1] Socket recv() errno:54 Connection reset by peer 35.162.83.174:27017
2017-03-18T14:19:07.757+0530 I NETWORK  [thread1] SocketException: remote: (NONE):0 error: 9001 socket exception [RECV_ERROR] server [35.162.83.174:27017] 
2017-03-18T14:19:07.757+0530 W NETWORK  [thread1] No primary detected for set m123-rs1-shard-0
2017-03-18T14:19:08.985+0530 I NETWORK  [thread1] Socket recv() errno:54 Connection reset by peer 35.162.95.185:27017
2017-03-18T14:19:08.985+0530 I NETWORK  [thread1] SocketException: remote: (NONE):0 error: 9001 socket exception [RECV_ERROR] server [35.162.95.185:27017] 
2017-03-18T14:19:09.702+0530 I NETWORK  [thread1] Socket recv() errno:54 Connection reset by peer 35.162.83.174:27017
2017-03-18T14:19:09.702+0530 I NETWORK  [thread1] SocketException: remote: (NONE):0 error: 9001 socket exception [RECV_ERROR] server [35.162.83.174:27017] 
2017-03-18T14:19:10.419+0530 I NETWORK  [thread1] Socket recv() errno:54 Connection reset by peer 35.167.185.140:27017
2017-03-18T14:19:10.419+0530 I NETWORK  [thread1] SocketException: remote: (NONE):0 error: 9001 socket exception [RECV_ERROR] server [35.167.185.140:27017] 
2017-03-18T14:19:10.419+0530 W NETWORK  [thread1] No primary detected for set m123-rs1-shard-0
2017-03-18T14:19:11.648+0530 I NETWORK  [ReplicaSetMonitorWatcher] Socket recv() errno:54 Connection reset by peer 35.162.95.185:27017
2017-03-18T14:19:11.648+0530 I NETWORK  [thread1] Socket recv() errno:54 Connection reset by peer 35.167.185.140:27017
2017-03-18T14:19:11.648+0530 I NETWORK  [ReplicaSetMonitorWatcher] SocketException: remote: (NONE):0 error: 9001 socket exception [RECV_ERROR] server [35.162.95.185:27017] 
2017-03-18T14:19:11.648+0530 I NETWORK  [thread1] SocketException: remote: (NONE):0 error: 9001 socket exception [RECV_ERROR] server [35.167.185.140:27017] 
2017-03-18T14:19:12.364+0530 I NETWORK  [ReplicaSetMonitorWatcher] Socket recv() errno:54 Connection reset by peer 35.162.83.174:27017
2017-03-18T14:19:12.365+0530 I NETWORK  [ReplicaSetMonitorWatcher] SocketException: remote: (NONE):0 error: 9001 socket exception [RECV_ERROR] server [35.162.83.174:27017] 
2017-03-18T14:19:12.365+0530 W NETWORK  [ReplicaSetMonitorWatcher] No primary detected for set m123-rs1-shard-0
2017-03-18T14:19:14.731+0530 I NETWORK  [thread1] Socket recv() errno:54 Connection reset by peer 35.162.83.174:27017
2017-03-18T14:19:14.731+0530 I NETWORK  [thread1] SocketException: remote: (NONE):0 error: 9001 socket exception [RECV_ERROR] server [35.162.83.174:27017] 
2017-03-18T14:19:14.731+0530 W NETWORK  [thread1] No primary detected for set m123-rs1-shard-0
2017-03-18T14:19:15.845+0530 I NETWORK  [thread1] Socket recv() errno:54 Connection reset by peer 35.162.95.185:27017
2017-03-18T14:19:15.845+0530 I NETWORK  [thread1] SocketException: remote: (NONE):0 error: 9001 socket exception [RECV_ERROR] server [35.162.95.185:27017] 
2017-03-18T14:19:16.563+0530 I NETWORK  [thread1] Socket recv() errno:54 Connection reset by peer 35.167.185.140:27017
2017-03-18T14:19:16.563+0530 I NETWORK  [thread1] SocketException: remote: (NONE):0 error: 9001 socket exception [RECV_ERROR] server [35.167.185.140:27017] 
2017-03-18T14:19:17.176+0530 I NETWORK  [thread1] Socket recv() errno:54 Connection reset by peer 35.162.83.174:27017
2017-03-18T14:19:17.177+0530 I NETWORK  [thread1] SocketException: remote: (NONE):0 error: 9001 socket exception [RECV_ERROR] server [35.162.83.174:27017] 
2017-03-18T14:19:17.177+0530 W NETWORK  [thread1] No primary detected for set m123-rs1-shard-0
2017-03-18T14:19:17.181+0530 E QUERY    [thread1] Error: connect failed to replica set m123-rs1-shard-0/m123-rs1-shard-00-00-wn1jr.mongodb.net:27017,m123-rs1-shard-00-01-wn1jr.mongodb.net:27017,m123-rs1-shard-00-02-wn1jr.mongodb.net:27017 :
connect@src/mongo/shell/mongo.js:223:14
@(connect):1:6

exception: connect failed

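Interestingly, I am able to connect to the cluster using the Java driver. Only the shell has this problem.

I searched through a lot of questions to resolve this, but could not find any useful links.

Any help would be highly appreciated.

Thanks in advance.

4 answers:

Answer 0: (score: 1)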

  

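Error parsing command line: unrecognised option '--ssl'
try 'mongo --help' for more information

MongoDB Atlas requires SSL/TLS for all connections. This command-line error indicates that your version of the mongo shell does not include SSL/TLS support.

Depending on your preference, you can install an appropriate version of the mongo shell using:

  • Homebrew: brew install mongodb --with-openssl
  • MongoDB Download Center. Note: the default should be to download a binary with SSL support, but non-SSL downloads are also available in the dropdown.

Installing a packaged version (e.g. Homebrew) is generally better, as this simplifies the process of managing the mongod service and updating to new versions. A binary download may be more relevant if you want to run multiple versions of MongoDB or keep the files isolated to a specific directory, but it does not include conveniences such as a service wrapper or default configuration file.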

Answer 1: (score: 1)

You must have a MongoDB build with SSL/TLS, because MongoDB Atlas requires it for all connections.

You can get one by running the following command.

brew install mongodb --with-openssl

Upgrade your mongodb to 3.4.4.

brew upgrade mongodb

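Then try connecting to the Mongo cloud through the mongo shell.

Answer 2: (score: 0)

I had copied the Mongo 3.2 binaries to the /usr/local/bin directory, so this did not allow the newer version of the mongo binaries (3.4) to be used. So, eventually I had to remove the binaries from the /usr/local/bin directory and paste in the 3.4 binaries, which resolved the ssl issue.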
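
Both this answer and answer 0 come down to which `mongo` binary the shell resolves first and whether that binary was built with SSL/TLS. The script below is an added example, not part of the original answers: it walks a PATH-style string in lookup order and reports every `mongo` it finds, assuming a TLS-capable build lists `--ssl` in its `--help` output (`audit_mongo_shells` is a hypothetical helper name).

```shell
#!/bin/sh
# Added example (not from the original answers). Heuristic: a mongo shell
# built with TLS support lists --ssl in its --help output.
audit_mongo_shells() {
    search_path=${1:-$PATH}
    first=yes
    old_ifs=$IFS
    IFS=:
    for dir in $search_path; do
        IFS=$old_ifs
        bin="${dir:-.}/mongo"          # empty PATH entry means current directory
        [ -f "$bin" ] && [ -x "$bin" ] || continue
        # "MongoDB shell version: 3.2.10" -> "3.2.10"
        version=$("$bin" --version 2>/dev/null |
            sed -n 's/.*version:\{0,1\} *v\{0,1\}\([0-9][0-9.]*\).*/\1/p' | head -n 1)
        if "$bin" --help 2>&1 | grep -q -e '--ssl'; then ssl=ssl; else ssl=no-ssl; fi
        # Only the first hit is what typing `mongo` actually runs.
        if [ "$first" = yes ]; then role=active; first=no; else role=shadowed; fi
        printf '%s\t%s\t%s\t%s\n' "$role" "${version:-unknown}" "$ssl" "$bin"
    done
    IFS=$old_ifs
}

# Columns: role, version, TLS support, path.
audit_mongo_shells "$PATH"
```

An `active` line marked `no-ssl` followed by a `shadowed` line marked `ssl` is the situation this answer describes: the newer binary is installed but an older copy earlier on the PATH is the one being run.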

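Answer 3: (score: 0)

Recently (February 2020), MongoDB Atlas switched its certificates from DigiCert to Let's Encrypt, which can cause problems for certificate stores that do not contain the Let's Encrypt certificate.

A temporary bypass is to include sslVerifyCertificate=false at the end of the connection string. But the solution is to update your operating system or driver library to a version that includes the Let's Encrypt certificate.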
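
Because the bypass above is meant to be temporary, it helps to be able to find where it is still in place once the certificate store has been updated. The script below is an added example, not part of the original answer: it scans files for MongoDB connection strings that disable certificate verification. `find_tls_bypass`, the sample hosts and the two `tls*` URI options are assumptions beyond the page.

```shell
#!/bin/sh
# Added example (not from the original answer): report MongoDB connection
# strings that still switch certificate verification off.
find_tls_bypass() {
    # Arguments: regular files to scan.
    # Output: file:line<TAB>option<TAB>URI with credentials masked
    awk '
    {
        rest = $0
        while (match(rest, "mongodb(\\+srv)?://[^ \t\"]+")) {
            uri  = substr(rest, RSTART, RLENGTH)
            rest = substr(rest, RSTART + RLENGTH)
            # sslVerifyCertificate=false is the option named on this page; the
            # two tls* URI options are added here as equivalents (assumption).
            if (match(tolower(uri), "[?&](sslverifycertificate=false|tlsallowinvalidcertificates=true|tlsinsecure=true)")) {
                opt = substr(uri, RSTART + 1, RLENGTH - 1)
                sub("://[^/@]*@", "://***@", uri)   # never echo credentials
                printf "%s:%d\t%s\t%s\n", FILENAME, FNR, opt, uri
            }
        }
    }' "$@"
}

# Constructed sample config, not taken from the page.
sample=$(mktemp)
cat > "$sample" <<'EOF'
PRIMARY="mongodb://appuser:s3cret@db0.example.net:27017/test?replicaSet=rs0&sslVerifyCertificate=false"
REPORTS="mongodb://db1.example.net:27017/reports?ssl=true"
# mongodb+srv://db2.example.net/app?tlsInsecure=true
EOF
find_tls_bypass "$sample"
rm -f "$sample"
```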