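I can't connect my spring-boot-app (v1.5.7) to my mongodb-server (localhost with ssl (Win7_x64); v.3.4.6; self-signed; login without ssl works).
Robo 3T connects to my mongodb without any problems.
I have followed several solutions; this is the last one I tried, without success:
Added this to my Main-Class: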
    @Bean
    public MongoClientOptions mongoClientOptions() {
        // Trust store and key store; relative paths resolve against the working directory
        System.setProperty("javax.net.ssl.trustStore", "ssl/keystore/mongoStore.ts");
        System.setProperty("javax.net.ssl.trustStorePassword", "123456");
        System.setProperty("javax.net.ssl.keyStore", "ssl/keystore/mongoClientKeyCert.jks");
        System.setProperty("javax.net.ssl.keyStorePassword", "123456");
        // Enable TLS; host name verification is switched off
        MongoClientOptions.Builder builder = MongoClientOptions.builder();
        MongoClientOptions options = builder.sslEnabled(true).sslInvalidHostNameAllowed(true).build();
        return options;
    }
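I created the trustStore and keyStore following this article.
The crt, pem and key for the CA, client and server were created according to this question.
The exception thrown: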
    com.mongodb.MongoSocketReadException: Exception receiving message
        at com.mongodb.connection.InternalStreamConnection.translateReadException(InternalStreamConnection.java:483)
        at com.mongodb.connection.InternalStreamConnection.receiveMessage(InternalStreamConnection.java:228)
        at com.mongodb.connection.CommandHelper.receiveReply(CommandHelper.java:134)
        at com.mongodb.connection.CommandHelper.receiveCommandResult(CommandHelper.java:121)
        at com.mongodb.connection.CommandHelper.executeCommand(CommandHelper.java:32)
        at com.mongodb.connection.InternalStreamConnectionInitializer.initializeConnectionDescription(InternalStreamConnectionInitializer.java:85)
        at com.mongodb.connection.InternalStreamConnectionInitializer.initialize(InternalStreamConnectionInitializer.java:45)
        at com.mongodb.connection.InternalStreamConnection.open(InternalStreamConnection.java:116)
        at com.mongodb.connection.DefaultServerMonitor$ServerMonitorRunnable.run(DefaultServerMonitor.java:113)
        at java.lang.Thread.run(Unknown Source)
    Caused by: java.net.SocketException: Software caused connection abort: recv failed
        at java.net.SocketInputStream.socketRead0(Native Method)
        at java.net.SocketInputStream.read(Unknown Source)
        at java.net.SocketInputStream.read(Unknown Source)
        at sun.security.ssl.InputRecord.readFully(Unknown Source)
        at sun.security.ssl.InputRecord.read(Unknown Source)
        at sun.security.ssl.SSLSocketImpl.readRecord(Unknown Source)
        at sun.security.ssl.SSLSocketImpl.readDataRecord(Unknown Source)
        at sun.security.ssl.AppInputStream.read(Unknown Source)
        at com.mongodb.connection.SocketStream.read(SocketStream.java:85)
        at com.mongodb.connection.InternalStreamConnection.receiveResponseBuffers(InternalStreamConnection.java:494)
        at com.mongodb.connection.InternalStreamConnection.receiveMessage(InternalStreamConnection.java:224)
        ... 8 common frames omitted
Error message from MongoDB (console):
    SSL peer certificate validation failed: self signed certificate
MongoDB start-command:
    .\mongod.exe --dbpath .\db --auth -sslMode requireSSL --sslAllowConnectionsWithoutCertificates --sslPEMKeyFile .\ssl\server\server.pem --sslCAFile .\ssl\ca\ca.pem
What can I do to make it work?
Answer 0 (score: 0)
We ran into a similar problem, and this is what we did:
    keytool -import -alias clusterkey -file ./path_to_your_crt.crt -keystore mongostore -storetype pkcs12 -storepass your_password -noprompt
    openssl pkcs12 -passout pass:your_password -export -out ./output_key_path.pkcs12 -in ./path_to_your_pem.pem
    keytool -importkeystore -srckeystore ./output_key_path.pkcs12 -srcstoretype PKCS12 -destkeystore mongoclient -deststoretype pkcs12 -srcstorepass your_password -deststorepass your_password -noprompt
Inside, I configured the bean the same way you did.
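
Added example, not part of the original question or answer: the server-side message quoted in the question is the error OpenSSL gives when a presented certificate is self-signed and is not itself in the trusted CA file, here the file passed to --sslCAFile. The script below checks a client certificate against a CA file with `openssl verify`; the function names and the sample CA and certificates it generates are constructed for illustration.

```shell
#!/bin/sh
# Added example: does a client certificate chain to the CA file mongod trusts?

# chains_to_ca CA_FILE CERT_FILE
# Returns 0 when the certificate in CERT_FILE verifies against CA_FILE.
chains_to_ca() {
    openssl verify -CAfile "$1" "$2" >/dev/null 2>&1
}

# make_samples DIR
# Writes constructed sample material into DIR (not the question's files):
#   ca.pem      self-signed CA certificate
#   client.pem  client certificate issued by that CA
#   self.pem    self-signed client certificate, unknown to the CA
make_samples() {
    d=$1
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=Sample CA" \
        -keyout "$d/ca.key" -out "$d/ca.pem" 2>/dev/null &&
    openssl req -newkey rsa:2048 -nodes -subj "/CN=sample-client" \
        -keyout "$d/client.key" -out "$d/client.csr" 2>/dev/null &&
    openssl x509 -req -in "$d/client.csr" -CA "$d/ca.pem" -CAkey "$d/ca.key" \
        -CAcreateserial -days 1 -out "$d/client.pem" 2>/dev/null &&
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=sample-client" \
        -keyout "$d/self.key" -out "$d/self.pem" 2>/dev/null
}

# Demo run on the constructed samples.
demo_dir=$(mktemp -d)
make_samples "$demo_dir"
for cert in client.pem self.pem; do
    if chains_to_ca "$demo_dir/ca.pem" "$demo_dir/$cert"; then
        echo "$cert: accepted by CA file"
    else
        echo "$cert: rejected by CA file"
    fi
done
rm -rf "$demo_dir"
```

With the question's layout, the first argument would be the file given to --sslCAFile and the second the PEM certificate that was imported into the client key store.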