-
Type: Bug
-
Resolution: Fixed
-
Priority: Critical - P2
-
Affects Version/s: 1.28.4
-
Component/s: Compass, Connectivity
-
None
-
Environment:MongoDB Compass 1.28.4
macOS 11.6
-
Not Needed
Problem Statement/Rationale
Our server is using certificates from Let's Encrypt, but when I try to connect it hangs for a minute or so, before finally giving up with 'certificate has expired'.
Could this be caused by the recent expiry of the Let's Encrypt root certificates? I believe this was working before, though it's been a while since I last connected so I can't tell for sure.
I'm using the SSL value 'System CA / Atlas Deployment', but only 'Unvalidated (insecure)' works.
Is there any way to verify if this is indeed caused by the expiry of the Let's Encrypt Root Cert?
Steps to Reproduce
It's a bit of a lengthy setup, but the gist of it is that we have a DigitalOcean droplet with MongoDB installed. After fetching certs with certbot, a file is generated using
cat /etc/letsencrypt/live/example.com/fullchain.pem /etc/letsencrypt/live/example.com/privkey.pem > /etc/ssl/mongo.pem
This file is referenced in mongod.conf:
net:
tls:
mode: requireTLS
certificateKeyFile: /etc/ssl/mongo.pem
Then I try to connect to the database in Compass with SSL set to 'System CA / Atlas Deployment'.
Expected Results
It connects.
Actual Results
'certificate has expired'
- related to
-
COMPASS-4098 Upgrade to electron 13
- Closed