mongodb atlas connection issues with ssl

Question

I've created a cluster using mongodb atlas. But, I couldn't connect to that using local mongo shell.

When I use the below connection string, it says --ssl unrecognized.

Harshavardhans-MacBook-Pro:bin harshavmb$ mongo "mongodb://m123-rs1-shard-00-00-wn1jr.mongodb.net:27017,m123-rs1-shard-00-01-wn1jr.mongodb.net:27017,m123-rs1-shard-00-02-wn1jr.mongodb.net:27017/test?replicaSet=m123-rs1-shard-0" --authenticationDatabase admin --ssl --username mongoadmin --password *****

Error parsing command line: unrecognised option '--ssl' try 'mongo --help' for more information

If I remove --ssl and try, I see the below o/p.

Harshavardhans-MacBook-Pro:bin harshavmb$ mongo "mongodb://m123-rs1-shard-00-00-wn1jr.mongodb.net:27017,m123-rs1-shard-00-01-wn1jr.mongodb.net:27017,m123-rs1-shard-00-02-wn1jr.mongodb.net:27017/test?replicaSet=m123-rs1-shard-0" --authenticationDatabase admin --username mongoadmin --password ****
MongoDB shell version: 3.2.10
connecting to: mongodb://m123-rs1-shard-00-00-wn1jr.mongodb.net:27017,m123-rs1-shard-00-01-wn1jr.mongodb.net:27017,m123-rs1-shard-00-02-wn1jr.mongodb.net:27017/test?replicaSet=m123-rs1-shard-0
2017-03-18T14:19:00.820+0530 I NETWORK  [thread1] Starting new replica set monitor for m123-rs1-shard-0/m123-rs1-shard-00-00-wn1jr.mongodb.net:27017,m123-rs1-shard-00-01-wn1jr.mongodb.net:27017,m123-rs1-shard-00-02-wn1jr.mongodb.net:27017
2017-03-18T14:19:00.820+0530 I NETWORK  [ReplicaSetMonitorWatcher] starting
2017-03-18T14:19:06.255+0530 I NETWORK  [thread1] Socket recv() timeout  35.167.185.140:27017
2017-03-18T14:19:06.258+0530 I NETWORK  [thread1] SocketException: remote: (NONE):0 error: 9001 socket exception [RECV_TIMEOUT] server [35.167.185.140:27017] 
2017-03-18T14:19:07.040+0530 I NETWORK  [thread1] Socket recv() errno:54 Connection reset by peer 35.162.95.185:27017
2017-03-18T14:19:07.040+0530 I NETWORK  [thread1] SocketException: remote: (NONE):0 error: 9001 socket exception [RECV_ERROR] server [35.162.95.185:27017] 
2017-03-18T14:19:07.757+0530 I NETWORK  [thread1] Socket recv() errno:54 Connection reset by peer 35.162.83.174:27017
2017-03-18T14:19:07.757+0530 I NETWORK  [thread1] SocketException: remote: (NONE):0 error: 9001 socket exception [RECV_ERROR] server [35.162.83.174:27017] 
2017-03-18T14:19:07.757+0530 W NETWORK  [thread1] No primary detected for set m123-rs1-shard-0
2017-03-18T14:19:08.985+0530 I NETWORK  [thread1] Socket recv() errno:54 Connection reset by peer 35.162.95.185:27017
2017-03-18T14:19:08.985+0530 I NETWORK  [thread1] SocketException: remote: (NONE):0 error: 9001 socket exception [RECV_ERROR] server [35.162.95.185:27017] 
2017-03-18T14:19:09.702+0530 I NETWORK  [thread1] Socket recv() errno:54 Connection reset by peer 35.162.83.174:27017
2017-03-18T14:19:09.702+0530 I NETWORK  [thread1] SocketException: remote: (NONE):0 error: 9001 socket exception [RECV_ERROR] server [35.162.83.174:27017] 
2017-03-18T14:19:10.419+0530 I NETWORK  [thread1] Socket recv() errno:54 Connection reset by peer 35.167.185.140:27017
2017-03-18T14:19:10.419+0530 I NETWORK  [thread1] SocketException: remote: (NONE):0 error: 9001 socket exception [RECV_ERROR] server [35.167.185.140:27017] 
2017-03-18T14:19:10.419+0530 W NETWORK  [thread1] No primary detected for set m123-rs1-shard-0
2017-03-18T14:19:11.648+0530 I NETWORK  [ReplicaSetMonitorWatcher] Socket recv() errno:54 Connection reset by peer 35.162.95.185:27017
2017-03-18T14:19:11.648+0530 I NETWORK  [thread1] Socket recv() errno:54 Connection reset by peer 35.167.185.140:27017
2017-03-18T14:19:11.648+0530 I NETWORK  [ReplicaSetMonitorWatcher] SocketException: remote: (NONE):0 error: 9001 socket exception [RECV_ERROR] server [35.162.95.185:27017] 
2017-03-18T14:19:11.648+0530 I NETWORK  [thread1] SocketException: remote: (NONE):0 error: 9001 socket exception [RECV_ERROR] server [35.167.185.140:27017] 
2017-03-18T14:19:12.364+0530 I NETWORK  [ReplicaSetMonitorWatcher] Socket recv() errno:54 Connection reset by peer 35.162.83.174:27017
2017-03-18T14:19:12.365+0530 I NETWORK  [ReplicaSetMonitorWatcher] SocketException: remote: (NONE):0 error: 9001 socket exception [RECV_ERROR] server [35.162.83.174:27017] 
2017-03-18T14:19:12.365+0530 W NETWORK  [ReplicaSetMonitorWatcher] No primary detected for set m123-rs1-shard-0
2017-03-18T14:19:14.731+0530 I NETWORK  [thread1] Socket recv() errno:54 Connection reset by peer 35.162.83.174:27017
2017-03-18T14:19:14.731+0530 I NETWORK  [thread1] SocketException: remote: (NONE):0 error: 9001 socket exception [RECV_ERROR] server [35.162.83.174:27017] 
2017-03-18T14:19:14.731+0530 W NETWORK  [thread1] No primary detected for set m123-rs1-shard-0
2017-03-18T14:19:15.845+0530 I NETWORK  [thread1] Socket recv() errno:54 Connection reset by peer 35.162.95.185:27017
2017-03-18T14:19:15.845+0530 I NETWORK  [thread1] SocketException: remote: (NONE):0 error: 9001 socket exception [RECV_ERROR] server [35.162.95.185:27017] 
2017-03-18T14:19:16.563+0530 I NETWORK  [thread1] Socket recv() errno:54 Connection reset by peer 35.167.185.140:27017
2017-03-18T14:19:16.563+0530 I NETWORK  [thread1] SocketException: remote: (NONE):0 error: 9001 socket exception [RECV_ERROR] server [35.167.185.140:27017] 
2017-03-18T14:19:17.176+0530 I NETWORK  [thread1] Socket recv() errno:54 Connection reset by peer 35.162.83.174:27017
2017-03-18T14:19:17.177+0530 I NETWORK  [thread1] SocketException: remote: (NONE):0 error: 9001 socket exception [RECV_ERROR] server [35.162.83.174:27017] 
2017-03-18T14:19:17.177+0530 W NETWORK  [thread1] No primary detected for set m123-rs1-shard-0
2017-03-18T14:19:17.181+0530 E QUERY    [thread1] Error: connect failed to replica set m123-rs1-shard-0/m123-rs1-shard-00-00-wn1jr.mongodb.net:27017,m123-rs1-shard-00-01-wn1jr.mongodb.net:27017,m123-rs1-shard-00-02-wn1jr.mongodb.net:27017 :
connect@src/mongo/shell/mongo.js:223:14
@(connect):1:6

exception: connect failed

Interestingly, I was able to connect to the cluster with java driver. Only shell has this problem.

Have googled a lot to find fix this ssl issue, but couldn't find any helpful link.

Any help would be highly appreciated.

Thanks in advance.

Answer 1

Recently MongoDb Atlas switched their certificates from Digicert to LetsEncrypt (Feb 2020), and it may have issues for certificate stores that don't have the LetsEncrypt ones it in.

A temporary bypass is to include sslVerifyCertificate=false on the end of a connection string. But the solution is to update your OS or driver libraries to have a version that includes the LetsEncrypt certificates.

Answer 2

You have to have mongodb with SSL/TSL because MongoDB Atlas needs it for all connections.

You can get by running following command.

brew install mongodb --with-openssl

And upgrade your mongodb to 3.4.4.

brew upgrade mongodb

Then try connecting to mongo cloud via mongo shell.

Answer 3

I had copied Mongo 3.2 binaries to /usr/local/bin directory, so this wasn't allowing newer version of mongo binaries (3.4). So, eventually I had to remove the binaries from /usr/local/bin directory and paste the binaries of 3.4 and this fixed the ssl issue.

Answer 4

Error parsing command line: unrecognised option '--ssl' try 'mongo --help' for more information

MongoDB Atlas requires SSL/TLS for all connections. This command-line error indicates your version of the mongo shell does not include SSL/TLS support.

Depending on your preference, you can install an appropriate mongo shell version using:

• Homebrew: brew install mongodb --with-openssl.
• MongoDB Download Center. Note: the default should be to download binaries w/ SSL support, but there are non-SSL downloads available in the dropdown list as well.

It's generally better to install a packaged version (eg. Homebrew) as this simplifies the process of managing the mongod service and updating to new releases. The binary downloads may be more relevant if you want to run multiple versions of MongoDB or keep files isolated to a specific directory, but do not include conveniences like a service wrapper or default config file.