containers icon indicating copy to clipboard operation
containers copied to clipboard
verified publisher icon bitnami

[bitnami/mongodb] Update TLS/SSL configuration under README.md

Open TheLegendarySpark opened this issue 3 years ago • 5 comments

Name and Version

bitnami/mongodb:latest

What is the problem this feature will solve?

I realized why my connection to MongoDB was returning error thanks to Studio3t.

|_/ Connection error (MongoSocketWriteException): Exception sending message
|____/ SSL error: No subject alternative names present
|_______/ Certificate error: No subject alternative names present

What is the feature you are proposing to solve the problem?

Update the information. It's misleading for MongoDB 4.1+ users.

What alternatives have you considered?

No response

TheLegendarySpark avatar Jul 24 '22 05:07 TheLegendarySpark

Here's another error I found when I load MongoDB for the first time setting up with SSL

 Connecting to:              mongodb://127.0.0.1:25409/?directConnection=true&serverSelectionTimeoutMS=2000&tls=true&tlsCertificateKeyFile=%2Fcertificates%2Fmongodb.pem&tlsCAFile=%2Fcertificates%2FmongoCA.pem&appName=mongosh+1.5.1
essential-rest-mongodb-1  | MongoServerSelectionError: Hostname/IP does not match certificate's altnames: IP: 127.0.0.1 is not in the cert's list

TheLegendarySpark avatar Jul 24 '22 05:07 TheLegendarySpark

The new README.md should reference https://help.bizagi.com/bpm-suite/en/index.html?subjectaltname_support.htm about creating certificates with Subject Alternative Names.

TheLegendarySpark avatar Jul 24 '22 06:07 TheLegendarySpark

Thsoe who struggle with self-signed certificates handshake error. Look at: https://stackoverflow.com/a/41638739

TheLegendarySpark avatar Jul 24 '22 06:07 TheLegendarySpark

We are going to transfer this issue to bitnami/containers

In order to unify the approaches followed in Bitnami containers and Bitnami charts, we are moving some issues in bitnami/bitnami-docker-<container> repositories to bitnami/containers.

Please follow bitnami/containers to keep you updated about the latest bitnami images.

More information here: https://blog.bitnami.com/2022/07/new-source-of-truth-bitnami-containers.html

carrodher avatar Jul 28 '22 13:07 carrodher

Thanks a lot @TheLegendarySpark for sharing this info.

Please keep in mind there are a lot of different scenarios, requirements and different tools in order to work with SSL, and we can't cover them in this guide. Also a some knowledge about how X.509 is required, to configure it properly.

Please feel free to open a PR with your suggestions. The Bitnami team will be happy to review it and provide feedback. Here you can find the contributing guidelines

fmulero avatar Jul 29 '22 11:07 fmulero

This Issue has been automatically marked as "stale" because it has not had recent activity (for 15 days). It will be closed if no further activity occurs. Thanks for the feedback.

github-actions[bot] avatar Aug 14 '22 01:08 github-actions[bot]

Due to the lack of activity in the last 5 days since it was marked as "stale", we proceed to close this Issue. Do not hesitate to reopen it later if necessary.

github-actions[bot] avatar Aug 19 '22 01:08 github-actions[bot]