coolify icon indicating copy to clipboard operation
coolify copied to clipboard
verified publisher icon coollabsio

[Bug]: Unable to connect to public MongoDB over SSL

Open CrazyTim71 opened this issue 8 months ago • 5 comments

Error Message and Logs

I am unable to connect to my public MongoDB over SSL. It was deployed using the Coolify template and nothing was changed. Without SSL enabled everything works fine and I can connect to the MongoDB with the public connection string. I have already read the documentation but it doesn't state for example what the server.pem cert is needed for (under persistent storage).

Connection String: mongodb://root:[email protected]:1335/?directConnection=true&tls=true&tlsCAFile=/etc/mongo/certs/ca.pem

Error in MongoCompass: Image

Proxy Log of the MongoDB container:

2025/04/25 17:35:23 [error] 33#33: *377 connect() failed (111: Connection refused) while connecting to upstream, client: xxx.xxx.xxx.xxx, server: 0.0.0.0:1335, upstream: "[xxxx:yyyy:zzzz::8]:27017", bytes from/to client:0/0, bytes from/to upstream:0/0

MongoDB log:

{"t":{"$date":"2025-04-25T17:35:23.040+00:00"},"s":"I",  "c":"NETWORK",  "id":22943,   "ctx":"listener","msg":"Connection accepted","attr":{"remote":"10.0.1.9:32988","uuid":{"uuid":{"$uuid":"daf5fbdf-dc69-46b5-93ac-6be77ece6fc5"}},"connectionId":305,"connectionCount":1}}
{"t":{"$date":"2025-04-25T17:35:23.046+00:00"},"s":"I",  "c":"NETWORK",  "id":22944,   "ctx":"conn305","msg":"Connection ended","attr":{"remote":"10.0.1.9:32988","uuid":{"uuid":{"$uuid":"daf5fbdf-dc69-46b5-93ac-6be77ece6fc5"}},"connectionId":305,"connectionCount":0}}

Steps to Reproduce

Installation

  1. Add a new MongoDB through the one-click installation (Coolify template).
  2. Enable SSL and set it to 'require'.
  3. Insert a public port and start the DB.
  4. Make it publicly available.

Connect to the MongoDB

  1. Copy the content of /data/coolify/ssl/coolify-ca.crt and save it to ca.pem locally
  2. Copy the public connection string and insert it into a new connection in MongoDB Compass
  3. Navigate to the "Advanced Connection Options" and then to "TLS/SSL"
  4. Select the ca.pem file from step 1
  5. Click "Save & Connect"

Example Repository URL

No response

Coolify Version

v4.0.0-beta.409

Are you using Coolify Cloud?

No (self-hosted)

Operating System and Version (self-hosted)

Debian 12

Additional Information

No response

CrazyTim71 avatar Apr 25 '25 18:04 CrazyTim71

I have the exactly same issue with Compass but it works fine using mongosh with the same connection string.

cbratschi avatar May 02 '25 23:05 cbratschi

+1

hhunterx avatar May 06 '25 19:05 hhunterx

I also have this issue

fenny-mdg avatar May 25 '25 00:05 fenny-mdg

I have the same issue as well. I have tried different modes on the MongoDB server and MongoDB Compass can not connect when SSL is enabled even though my local server that is using the same exact certificate can connect.

kreativamagnus avatar Jun 03 '25 11:06 kreativamagnus

Same issue here (tried with Compass only)

n3me5is-git avatar Jun 05 '25 20:06 n3me5is-git

@peaklabs-dev Any chance you could look into this?

CrazyTim71 avatar Jul 30 '25 23:07 CrazyTim71

Same issue here on (Coolify: v4.0.0-beta.444)

I am facing this error when I am trying to connect mongodb database with a public SSL-enabled (ssl mode: required) URL by MongoDB Compass. Error: Client network socket disconnected before secure TLS connection was established

Khairul38 avatar Nov 24 '25 17:11 Khairul38

Same here

Pfgoriaux avatar Nov 26 '25 16:11 Pfgoriaux