Reputation: 1
Clients cannot connect after starting percona for mongodb with opensslcipherconfig
Using Percona for mongodb version 3.6.3. Had a three node replica set running with ssl turned on and everything was happy. Security passed down a new requirement to run with a opensslCipherConfig. So I shutdown and restarted mongodb with --setParameter opensslCipherConfig.
Clients are now unable to connect.
[thread1] Error: socket exception [CLOSED]
Nothing in the mongo logs to help.
Start mongo from command line --- mongod -f /etc/mongod.conf --replSet repl_set1 --setParameter opensslCipherConfig="ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384"
connect to mongo from command line --- mongo mongodb:27017/admin --ssl --sslPEMKeyFile /mongodb.pem --verbose
error -- Percona Server for MongoDB shell version v3.6.3-1.1 connecting to: mongodb://mongodb:27017/admin
2019-03-01T14:55:54.164+0000 D NETWORK [thread1] creating new connection to:mongodb:27017
2019-03-01T14:55:54.166+0000 E QUERY [thread1] Error: socket exception [CLOSED] : connect@src/mongo/shell/mongo.js:251:13 @(connect):1:6
2019-03-01T14:55:54.166+0000 D - [thread1] User Assertion: 12513:connect failed src/mongo/shell/shell_utils.cpp 270
2019-03-01T14:55:54.166+0000 I QUERY [thread1] MozJS GC prologue heap stats - total: 3742635 limit: 0
2019-03-01T14:55:54.167+0000 I QUERY [thread1] MozJS GC epilogue heap stats - total: 313635 limit: 0
2019-03-01T14:55:54.167+0000 I QUERY [thread1] MozJS GC prologue heap stats - total: 204795 limit: 0
2019-03-01T14:55:54.167+0000 I QUERY [thread1] MozJS GC epilogue heap stats - total: 11859 limit: 0
2019-03-01T14:55:54.167+0000 D - [main] User Assertion: 12513:connect failed src/mongo/scripting/mozjs/proxyscope.cpp 300
Upvotes: 0
Views: 376
Answers (1)
Reputation: 1
There is a bug. I opened a ticket with Percona. [https://jira.percona.com/browse/PSMDB-412] . In the Percona Jira ticket, percona responded ” Related upstream tickets: SERVER-36616, SERVER-38141”.
Those are mongoDB Jira Tickets [https://jira.mongodb.org/browse/SERVER-36616] – fixed mongo version 4.1.5 [https://jira.mongodb.org/browse/SERVER-38141] – fixed mongo version 4.1.6
The latest available MongoDB versions is 4.0.10… upcoming releases 4.1.13 and 4.2.0-rc2 are both available for development release.
Upvotes: 0
Related Questions
- Can't establish SSL connection to MongoDB from NodeJS program
- Mongodb connection attempt failed: SSLHandshakeFailed: SSL peer certificate validation failed: self signed certificate
- golang client fails to connect to mongo db server - sslv3 alert bad certificate
- MongoDB: SSL/TLS handshake failed and No suitable servers found
- mongod is not honouring tlsAllowConnectionsWithoutCertificates setting
- Can't connect to remote mongodb with macOS
- How to fix SSL error "CSSMERR_TP_VERIFY_ACTION_FAILED" in mongo?
- How to configure SSL Ciphers suite for mongoDB
- SSL Connection issue with Mongodb using Perl
- Can't connect to MongoD / byzarre