Uploaded image for project: 'MongoDB Database Tools'
  1. MongoDB Database Tools
  2. TOOLS-2158

mongodump failing on Windows with "error opening system CA store: Access is denied."

    • v4.0

      Running mongodump on Windows in NETWORK_SERVICE mode which restricts access to many local resources. Attempting to dump from an Atlas cluster which requires TLS. Getting error:

      mongodump exited with code 1: \r\n \r\n 2018-11-08T11:25:04.596+0000\tFailed: can't create session: error configuring the connector: openssl configuration: Error setting up system certificate authority: error opening system CA store: Access is denied.
      

      It appears that this issue has been fixed in the C driver (CDRIVER-1964) and also in the mongo/mongos/mongod code (SERVER-27592). The corresponding fix would appear to be required in the importCertStoreToX509_STORE method that is used by the tools, to wit changing line 57 from this:

       CertOpenStore(CERT_STORE_PROV_SYSTEM_W, 0, (HCRYPTPROV)NULL, storeLocation, storeName);
      

      to this:

       CertOpenStore(CERT_STORE_PROV_SYSTEM_W, 0, (HCRYPTPROV)NULL, storeLocation | CERT_STORE_READONLY_FLAG, storeName);
      

            Assignee:
            david.golden@mongodb.com David Golden
            Reporter:
            spencer.brown@mongodb.com Spencer Brown
            Votes:
            0 Vote for this issue
            Watchers:
            9 Start watching this issue

              Created:
              Updated:
              Resolved: