编辑:当我从机器远程连接时,我已经可以使用它了,但是由于某些原因,当尝试通过本地主机连接时,它不起作用
我正在尝试使用SSL设置MongoDB。当我输入IP地址时,它告诉我请求被拒绝,因为名称与证书不匹配。当我输入正确的计算机名称时,出现此错误:
SSL隧道故障:网络无法访问或SSL连接被拒绝 通过服务器。
有什么想法可以进一步解决吗?我对服务器感到惊讶,因为我认为SSL已在客户端验证。
我尝试过更改端口,但是运气不佳。
Windows环境。 MongoDB 3.4.4
我已经使用本地主机和一个自签名证书了。
Windows防火墙已关闭
这是我的设置:
security:
authorization: "enabled"
systemLog:
destination: file
path: c:\data\log\mongod.log
storage:
dbPath: c:\data\db
net:
bindIp: 0.0.0.0
port: 443
ssl:
mode: requireSSL
PEMKeyFile: c:\Cert\pemkeyfile.pem
PEMKeyPassword: password
CAFile: c:\Cert\cafile.pem
allowInvalidHostnames: true
allowConnectionsWithoutCertificates: true
allowInvalidCertificates: true
这是mongo日志
2018-07-26T15:13:01.878-0700 I CONTROL [main] Trying to start Windows service 'MongoDB'
2018-07-26T15:13:01.880-0700 I CONTROL [initandlisten] MongoDB starting : pid=3900 port=443 dbpath=c:\data\db 64-bit host=CACALDDGNLP001
2018-07-26T15:13:01.880-0700 I CONTROL [initandlisten] targetMinOS: Windows 7/Windows Server 2008 R2
2018-07-26T15:13:01.880-0700 I CONTROL [initandlisten] db version v3.4.4
2018-07-26T15:13:01.880-0700 I CONTROL [initandlisten] git version: 888390515874a9debd1b6c5d36559ca86b44babd
2018-07-26T15:13:01.880-0700 I CONTROL [initandlisten] OpenSSL version: OpenSSL 1.0.1u-fips 22 Sep 2016
2018-07-26T15:13:01.880-0700 I CONTROL [initandlisten] allocator: tcmalloc
2018-07-26T15:13:01.880-0700 I CONTROL [initandlisten] modules: none
2018-07-26T15:13:01.880-0700 I CONTROL [initandlisten] build environment:
2018-07-26T15:13:01.880-0700 I CONTROL [initandlisten] distmod: 2008plus-ssl
2018-07-26T15:13:01.880-0700 I CONTROL [initandlisten] distarch: x86_64
2018-07-26T15:13:01.880-0700 I CONTROL [initandlisten] target_arch: x86_64
2018-07-26T15:13:01.880-0700 I CONTROL [initandlisten] options: { config: "C:\Program Files\MongoDB\Server\3.4\mongod.cfg", net: { bindIp: "0.0.0.0", port: 443, ssl: { CAFile: "c:\Cert\cafile.pem", PEMKeyFile: "c:\Cert\pemkeyfile.pem", PEMKeyPassword: "<password>", allowConnectionsWithoutCertificates: true, allowInvalidCertificates: true, allowInvalidHostnames: true, mode: "requireSSL" } }, security: { authorization: "enabled" }, service: true, storage: { dbPath: "c:\data\db" }, systemLog: { destination: "file", path: "c:\data\log\mongod.log" } }
2018-07-26T15:13:01.883-0700 I - [initandlisten] Detected data files in c:\data\db created by the 'wiredTiger' storage engine, so setting the active storage engine to 'wiredTiger'.
2018-07-26T15:13:01.884-0700 I STORAGE [initandlisten] wiredtiger_open config: create,cache_size=1535M,session_max=20000,eviction=(threads_min=4,threads_max=4),config_base=false,statistics=(fast),log=(enabled=true,archive=true,path=journal,compressor=snappy),file_manager=(close_idle_time=100000),checkpoint=(wait=60,log_size=2GB),statistics_log=(wait=0),
2018-07-26T15:13:02.487-0700 I FTDC [initandlisten] Initializing full-time diagnostic data capture with directory 'c:/data/db/diagnostic.data'
2018-07-26T15:13:02.488-0700 I NETWORK [thread1] waiting for connections on port 443 ssl
2018-07-26T15:13:02.488-0700 I STORAGE [initandlisten] Service running