Generate self-signed SSL certificates for MongoDb server and client

Make PEM containig a public key certificate and its associated private key

openssl req -newkey rsa:2048 -new -x509 -days 3650 -nodes -out mongo.crt -keyout mongo.key
cat mongo.key mongo.crt > mongo.pem

Edit /etc/mongod.conf, network interfaces section

# network interfaces
net:
  port: 27017
  bindIp: 127.0.0.1
  ssl:
    mode: allowSSL
    PEMKeyFile: /etc/ssl/mongo.pem
    #CAFile: /etc/ssl/mongo.crt

Check for startup config errors

sudo mongod --config /etc/mongod.conf

Restart mongo

sudo service mongod restart

Test-connect

mongo --ssl --sslAllowInvalidHostnames --sslAllowInvalidCertificates

NodeJs, mongo connection options

{ 
  "sslValidate": false,
  "sslKey": fs.readFileSync('/etc/ssl/mongodb.pem'),
  "sslCert": fs.readFileSync('/etc/ssl/mongodb-cert.crt')
}

siddhantprateek/generate-mongo-ssl.md

Select an option

No results found

Select an option

No results found

Make PEM containig a public key certificate and its associated private key

Edit /etc/mongod.conf, network interfaces section

Check for startup config errors

Restart mongo

Test-connect

NodeJs, mongo connection options