Uploaded image for project: 'MongoDB Database Tools'
  1. MongoDB Database Tools
  2. TOOLS-2771

SSL connection problems mongodump

    • Type: Icon: Investigation Investigation
    • Resolution: Gone away
    • Priority: Icon: Major - P3 Major - P3
    • 100.3.0
    • Affects Version/s: 100.2.0
    • Component/s: mongodump
    • None
    • Environment:
      CentOS 8

      Hello,

      I reported this bug
      https://jira.mongodb.org/browse/MONGOSH-355
      some time ago.

      You seem to have very similar problems with mongodump. It is not going to run, and I tried every single combination of command line possible with a 4096 bit RSA certificate or SSL enabled.
      A similar cryptic error message
      Failed: can't create session: could not connect to server: server selection error: server selection timeout, current topology: { Type: Single, Servers: [

      { Addr: 127.0.0.1:27017, Type: Unknown, State: Connected, Average RTT: 0, Last error: connection() : EOF }

      , ] }
      in this case EOF of connection is used here.
      All connections, whether local or remote from python work with certificates and TLS enabled.
      Only if I remove all TLS from mongod.conf mongodump can connect and do its work

      Please do not ask for a specific command line, as said I tried all combinations you simply do not get a proper connect with TLS 1.3

      net:
      tls:
      mode: requireTLS
      disabledProtocols: TLS1_0,TLS1_1,TLS1_2
      certificateKeyFile: /etc/ssl/certs/mongo.pem

      Only if this is removed it works. Even if you add allowConnectionsWithoutCertificates: true it does not work.

      The above configuration is used in productive use without any issues for mongod (local and remote through pymongo)

            Assignee:
            huan.li@mongodb.com Huan Li (Inactive)
            Reporter:
            accts@prvtmail.net Thomas G
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Created:
              Updated:
              Resolved: