Reputation: 60935
MongoDB "Unrecognized option: net.ssl.PEMKeyFile"
I'm using MongoDB v3.0.0 with the following configuration file:
storage:
dbPath: "/home/vagrant/backend/mongodata"
engine: wiredTiger
systemLog:
destination: file
path: "/home/vagrant/backend/log/mongo.log"
logAppend: true
net:
port: 27017
# Enable the HTTP interface (Defaults to port 28017).
http:
enabled: false
ssl:
mode: requireSSL
PEMKeyFile: /home/vagrant/backend/keys/privKeys.pem
security:
authorization: 'enabled'
But when I start it up, I get the following error:
Unrecognized option: net.ssl.PEMKeyFile
try '/home/vagrant/backend/mongo/bin/mongod --help' for more information
It looks like I have it set up pretty much exactly like they recommend in the docs: https://docs.mongodb.com/manual/tutorial/configure-ssl/ . The docs say this is new in mongo 3.0, so it should support this option. It does say certain distributions still don't support it (bizarrely), so I should include that I installed mongo via this: https://fastdl.mongodb.org/linux/mongodb-linux-x86_64-3.0.0.tgz . The closest info I could find is the MongoDB Download Center saying version 3.0.14 for linux "has been compiled with SSL enabled and dynamically linked. This requires that SSL libraries be installed seperately. See here for more information on installing OpenSSL."
Any idea what might be going wrong here?
Upvotes: 2
Views: 5353
Answers (3)
Reputation: 1051
Worked for me Mongo version 4.2.8 :
Ignore the message and check the Mongo logs, I found that the path configured for the PEM file was incorrect and should be the fully qualified path. Even after configuring it right, there was this SSL warning that was still present but worked.
ssl:
mode: requireSSL
PEMKeyFile: /data/users/mongodb/mongodb.pem
PEMKeyPassword: YOUR_PASS
Upvotes: 0
Reputation: 3606
For me its looks like spacing issue in configuration you may need to check the spacing only two spaces are allowed with list members ssl become underneath of net so when declaring ssl ensure the spaces
here are my working configurations.
net:
port: 28017
bindIp: 127.0.0.1
ssl:
mode: requireSSL
PEMKeyFile: /etc/ssl/mongodb/mongodb-server.pem
CAFile: /etc/ssl/mongodb/mongodb-client.pem
PEMKeyPassword: abc123+
Upvotes: 3
Reputation: 18845
Since MongoDB v3.0.x most MongoDB distributions include support for SSL, but not all. As you have figured out, most likely the distribution that you have does not support SSL.
If you're starting a new MongoDB deployment, I would recommend to install the latest stable release, currently at MongoDB v3.4.x which have more (if not all) distributions supporting SSL. See Release Notes for MongoDB 3.4
Upvotes: 0
Related Questions
- Mongodb connection attempt failed: SSLHandshakeFailed: SSL peer certificate validation failed: self signed certificate
- cannot read certificate file: /root/ssl/mongodb.pem MongoDB SSL ISSUE
- Connecting MongoDb.Driver (.Net) with SSL throws value cannot be null error
- MongoDB: Error parsing command line: unrecognised option '--sslMode'
- MongoDB SSL Replica setup issues - Unsupported Certificate
- How to fix SSL error "CSSMERR_TP_VERIFY_ACTION_FAILED" in mongo?
- Need help setting up MongoDB for SSL
- MongoDB ssl .pem file in connection string
- MongoDB C# Driver 'Remote certificate is invalid'
- Why is MongoDB (with SSL) asking for the .pem passphrase multiple times?