当我们将应用程序部署到测试服务器时,我们无法使用MongoDB驱动程序连接到Cosmos DB。
我们所有的Dev机器都没有问题,但我们从测试中得到以下内容。 我认为这是机器上的证书问题,但我们如何解决?
[{ ServerId: "{ ClusterId : 1, EndPoint :
"Unspecified/xxxxxxxxx.documents.azure.com:10255" }",
EndPoint: "Unspecified/xxxxxxxx.documents.azure.com:10255", State:
"Disconnected", Type: "Unknown", HeartbeatException:
"MongoDB.Driver.MongoConnectionException:
An exception occurred while opening a connection to the server. --->
System.Security.Authentication.AuthenticationException:
The remote certificate is invalid according to the validation procedure.
这是客户端证书无效的问题吗?
我们与Azure SQL实例建立了连接而没有任何问题。
答案 0 :(得分:1)
根据我的理解,您可以使用SslSettings.ServerCertificateValidationCallback获取有关服务器证书验证的更多详细信息,并检查策略错误以缩小此问题。您可以按照以下方式构建MongoClientSettings来构建MongoClient:
MongoClientSettings settings = MongoClientSettings.FromUrl(new MongoUrl("{connection-string-of-your-cosmosdb}"));
settings.SslSettings = new SslSettings()
{
EnabledSslProtocols = SslProtocols.Tls12,
ServerCertificateValidationCallback = delegate (object s, X509Certificate certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors)
{
foreach (var element in chain.ChainElements)
{
// Gets the error status of the current X.509 certificate in a chain.
foreach (var status in element.ChainElementStatus)
{
Console.WriteLine($"certificate subject: {element.Certificate.Subject},ChainStatus: {status.StatusInformation}");
}
}
return true; //just for dev, it would bypass certificate errors
}
};
var mongoClient = new MongoClient(settings);