ssl的mongodb地图集连接问题

问题描述 投票:1回答:4

我已经使用mongodb地图集创建了一个集群。但是,我无法使用本地mongo shell连接到它。

当我使用下面的连接字符串时,它说--ssl无法识别。

Harshavardhans-MacBook-Pro:bin harshavmb$ mongo "mongodb://m123-rs1-shard-00-00-wn1jr.mongodb.net:27017,m123-rs1-shard-00-01-wn1jr.mongodb.net:27017,m123-rs1-shard-00-02-wn1jr.mongodb.net:27017/test?replicaSet=m123-rs1-shard-0" --authenticationDatabase admin --ssl --username mongoadmin --password *****

错误分析命令行:无法识别的选项'--ssl'尝试“ mongo --help”以获取更多信息

如果我删除--ssl并尝试,则会看到以下o / p。

Harshavardhans-MacBook-Pro:bin harshavmb$ mongo "mongodb://m123-rs1-shard-00-00-wn1jr.mongodb.net:27017,m123-rs1-shard-00-01-wn1jr.mongodb.net:27017,m123-rs1-shard-00-02-wn1jr.mongodb.net:27017/test?replicaSet=m123-rs1-shard-0" --authenticationDatabase admin --username mongoadmin --password ****
MongoDB shell version: 3.2.10
connecting to: mongodb://m123-rs1-shard-00-00-wn1jr.mongodb.net:27017,m123-rs1-shard-00-01-wn1jr.mongodb.net:27017,m123-rs1-shard-00-02-wn1jr.mongodb.net:27017/test?replicaSet=m123-rs1-shard-0
2017-03-18T14:19:00.820+0530 I NETWORK  [thread1] Starting new replica set monitor for m123-rs1-shard-0/m123-rs1-shard-00-00-wn1jr.mongodb.net:27017,m123-rs1-shard-00-01-wn1jr.mongodb.net:27017,m123-rs1-shard-00-02-wn1jr.mongodb.net:27017
2017-03-18T14:19:00.820+0530 I NETWORK  [ReplicaSetMonitorWatcher] starting
2017-03-18T14:19:06.255+0530 I NETWORK  [thread1] Socket recv() timeout  35.167.185.140:27017
2017-03-18T14:19:06.258+0530 I NETWORK  [thread1] SocketException: remote: (NONE):0 error: 9001 socket exception [RECV_TIMEOUT] server [35.167.185.140:27017] 
2017-03-18T14:19:07.040+0530 I NETWORK  [thread1] Socket recv() errno:54 Connection reset by peer 35.162.95.185:27017
2017-03-18T14:19:07.040+0530 I NETWORK  [thread1] SocketException: remote: (NONE):0 error: 9001 socket exception [RECV_ERROR] server [35.162.95.185:27017] 
2017-03-18T14:19:07.757+0530 I NETWORK  [thread1] Socket recv() errno:54 Connection reset by peer 35.162.83.174:27017
2017-03-18T14:19:07.757+0530 I NETWORK  [thread1] SocketException: remote: (NONE):0 error: 9001 socket exception [RECV_ERROR] server [35.162.83.174:27017] 
2017-03-18T14:19:07.757+0530 W NETWORK  [thread1] No primary detected for set m123-rs1-shard-0
2017-03-18T14:19:08.985+0530 I NETWORK  [thread1] Socket recv() errno:54 Connection reset by peer 35.162.95.185:27017
2017-03-18T14:19:08.985+0530 I NETWORK  [thread1] SocketException: remote: (NONE):0 error: 9001 socket exception [RECV_ERROR] server [35.162.95.185:27017] 
2017-03-18T14:19:09.702+0530 I NETWORK  [thread1] Socket recv() errno:54 Connection reset by peer 35.162.83.174:27017
2017-03-18T14:19:09.702+0530 I NETWORK  [thread1] SocketException: remote: (NONE):0 error: 9001 socket exception [RECV_ERROR] server [35.162.83.174:27017] 
2017-03-18T14:19:10.419+0530 I NETWORK  [thread1] Socket recv() errno:54 Connection reset by peer 35.167.185.140:27017
2017-03-18T14:19:10.419+0530 I NETWORK  [thread1] SocketException: remote: (NONE):0 error: 9001 socket exception [RECV_ERROR] server [35.167.185.140:27017] 
2017-03-18T14:19:10.419+0530 W NETWORK  [thread1] No primary detected for set m123-rs1-shard-0
2017-03-18T14:19:11.648+0530 I NETWORK  [ReplicaSetMonitorWatcher] Socket recv() errno:54 Connection reset by peer 35.162.95.185:27017
2017-03-18T14:19:11.648+0530 I NETWORK  [thread1] Socket recv() errno:54 Connection reset by peer 35.167.185.140:27017
2017-03-18T14:19:11.648+0530 I NETWORK  [ReplicaSetMonitorWatcher] SocketException: remote: (NONE):0 error: 9001 socket exception [RECV_ERROR] server [35.162.95.185:27017] 
2017-03-18T14:19:11.648+0530 I NETWORK  [thread1] SocketException: remote: (NONE):0 error: 9001 socket exception [RECV_ERROR] server [35.167.185.140:27017] 
2017-03-18T14:19:12.364+0530 I NETWORK  [ReplicaSetMonitorWatcher] Socket recv() errno:54 Connection reset by peer 35.162.83.174:27017
2017-03-18T14:19:12.365+0530 I NETWORK  [ReplicaSetMonitorWatcher] SocketException: remote: (NONE):0 error: 9001 socket exception [RECV_ERROR] server [35.162.83.174:27017] 
2017-03-18T14:19:12.365+0530 W NETWORK  [ReplicaSetMonitorWatcher] No primary detected for set m123-rs1-shard-0
2017-03-18T14:19:14.731+0530 I NETWORK  [thread1] Socket recv() errno:54 Connection reset by peer 35.162.83.174:27017
2017-03-18T14:19:14.731+0530 I NETWORK  [thread1] SocketException: remote: (NONE):0 error: 9001 socket exception [RECV_ERROR] server [35.162.83.174:27017] 
2017-03-18T14:19:14.731+0530 W NETWORK  [thread1] No primary detected for set m123-rs1-shard-0
2017-03-18T14:19:15.845+0530 I NETWORK  [thread1] Socket recv() errno:54 Connection reset by peer 35.162.95.185:27017
2017-03-18T14:19:15.845+0530 I NETWORK  [thread1] SocketException: remote: (NONE):0 error: 9001 socket exception [RECV_ERROR] server [35.162.95.185:27017] 
2017-03-18T14:19:16.563+0530 I NETWORK  [thread1] Socket recv() errno:54 Connection reset by peer 35.167.185.140:27017
2017-03-18T14:19:16.563+0530 I NETWORK  [thread1] SocketException: remote: (NONE):0 error: 9001 socket exception [RECV_ERROR] server [35.167.185.140:27017] 
2017-03-18T14:19:17.176+0530 I NETWORK  [thread1] Socket recv() errno:54 Connection reset by peer 35.162.83.174:27017
2017-03-18T14:19:17.177+0530 I NETWORK  [thread1] SocketException: remote: (NONE):0 error: 9001 socket exception [RECV_ERROR] server [35.162.83.174:27017] 
2017-03-18T14:19:17.177+0530 W NETWORK  [thread1] No primary detected for set m123-rs1-shard-0
2017-03-18T14:19:17.181+0530 E QUERY    [thread1] Error: connect failed to replica set m123-rs1-shard-0/m123-rs1-shard-00-00-wn1jr.mongodb.net:27017,m123-rs1-shard-00-01-wn1jr.mongodb.net:27017,m123-rs1-shard-00-02-wn1jr.mongodb.net:27017 :
connect@src/mongo/shell/mongo.js:223:14
@(connect):1:6

exception: connect failed

有趣的是,我能够使用Java驱动程序连接到集群。只有外壳程序有此问题。

已大量搜索以解决此ssl问题,但找不到任何有用的链接。

任何帮助将不胜感激。

谢谢。

mongodb ssl
4个回答
1
投票

错误分析命令行:无法识别的选项'--ssl'尝试'mongo --help'了解更多信息

MongoDB Atlas requires SSL/TLS对于所有连接。此命令行错误表明您的mongo Shell版本不包括SSL / TLS支持。

根据您的喜好,您可以使用以下方法安装适当的mongo shell版本:

  • [Homebrewbrew install mongodb --with-openssl
  • MongoDB Download Center。注意:默认值应该是下载具有SSL支持的二进制文件,但下拉列表中也提供非SSL下载。

通常最好安装打包版本(例如Homebrew),因为这样可以简化管理mongod服务和更新到新版本的过程。如果您要运行MongoDB的多个版本或将文件隔离到特定目录,则二进制下载可能更相关,但不包括服务包装程序或默认配置文件之类的便利。


1
投票

您必须具有带SSL / TSL的mongodb,因为MongoDB Atlas的所有连接都需要它。

您可以通过运行以下命令来获得。

brew install mongodb --with-openssl

并将您的mongodb升级到3.4.4。

brew upgrade mongodb

然后尝试通过mongo shell连接到mongo cloud。


0
投票

我已将Mongo 3.2二进制文件复制到/usr/local/bin目录,因此不允许使用较新版本的Mongo二进制文件(3.4)。因此,最终我不得不从/usr/local/bin目录中删除二进制文件并粘贴3.4的二进制文件,这解决了ssl问题。


0
投票

最近,MongoDb Atlas将其证书从Digicert切换到LetsEncrypt(2020年2月,并且对于其中没有包含LetsEncrypt证书的证书存储,可能会出现问题。

临时旁路将在连接字符串的末尾包含sslVerifyCertificate=false。但是解决方案是将您的OS或驱动程序库更新为具有包含LetsEncrypt证书的版本。

© www.soinside.com 2019 - 2024. All rights reserved.