reaction icon indicating copy to clipboard operation
reaction copied to clipboard
verified publisher icon reactioncommerce

Cannot pass mongo options to use cacert

Open heri16 opened this issue 5 years ago • 2 comments

https://github.com/reactioncommerce/api-core/blob/de2e924ae68247c08f690fbbd3fc9f678f4f45ec/src/util/mongoConnectWithRetry.js#L25

https://scalegrid.io/blog/mongodb-ssl-with-self-signed-certificates-in-node-js/

There is no way now to do the below on reaction.

var certFileBuf = fs.readFileSync(<path to CA cert file>);
var mongoUrl = 'mongodb://admin:[email protected]:27017/admin?ssl=true';

var options = {
  replSet: {
    sslCA: certFileBuf
  }
};
var MongoClient = require('mongodb').MongoClient
  , assert = require('assert');

MongoClient.connect(mongoUrl, options, function(err, db) {
   assert.equal(null, err);
   console.log("Connected correctly to server");
   db.close();
 });

heri16 avatar Aug 06 '20 09:08 heri16

https://docs.aws.amazon.com/documentdb/latest/developerguide/connect_programmatically.html

This does not work too.

novayadi85 avatar Aug 06 '20 09:08 novayadi85

I agree this type of burying of key mongo connection options is not ideal. We need a way for the outermost application to provide mongo connection options. Complex types like a certFileBuf might require a real object to be passed through unless we want to model all the options as environment variables and support file paths, etc.

focusaurus avatar Nov 18 '20 22:11 focusaurus