-
-
Save siddhantprateek/a80b8ee13678bc14e9c93c4eefa14bd9 to your computer and use it in GitHub Desktop.
Revisions
-
achesco revised this gist
Mar 27, 2018 . 1 changed file with 5 additions and 5 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -41,11 +41,11 @@ mongo --ssl --sslAllowInvalidHostnames --sslCAFile mongodb-ca.crt --sslPEMKeyFil #### NodeJs, mongo connection options ```js { ssl: true, sslValidate: true, sslKey: fs.readFileSync('/etc/ssl/mongodb.pem'), sslCert: fs.readFileSync('/etc/ssl/mongodb-cert.crt'), sslCA: fs.readFileSync('/etc/ssl/mongodb-ca.crt') } ``` -
Mar 27, 2018 . 1 changed file with 3 additions and 0 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -7,6 +7,9 @@ openssl req -newkey rsa:2048 -new -x509 -days 3650 -nodes -subj '/C=US/ST=Massac ```bash cat mongodb-cert.key mongodb-cert.crt > mongodb.pem ``` ```bash cp mongodb-cert.crt mongodb-ca.crt ``` #### Edit _/etc/mongod.conf_, _network interfaces_ section ```apache -
Mar 27, 2018 . 1 changed file with 2 additions and 1 deletion.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -38,7 +38,8 @@ mongo --ssl --sslAllowInvalidHostnames --sslCAFile mongodb-ca.crt --sslPEMKeyFil #### NodeJs, mongo connection options ```js { "ssl": true, "sslValidate": true, "sslKey": fs.readFileSync('/etc/ssl/mongodb.pem'), "sslCert": fs.readFileSync('/etc/ssl/mongodb-cert.crt'), "sslCa": fs.readFileSync('/etc/ssl/mongodb-ca.crt') -
Mar 27, 2018 . 1 changed file with 1 addition and 1 deletion.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -38,7 +38,7 @@ mongo --ssl --sslAllowInvalidHostnames --sslCAFile mongodb-ca.crt --sslPEMKeyFil #### NodeJs, mongo connection options ```js { "sslValidate": false, // true - disable validation "sslKey": fs.readFileSync('/etc/ssl/mongodb.pem'), "sslCert": fs.readFileSync('/etc/ssl/mongodb-cert.crt'), "sslCa": fs.readFileSync('/etc/ssl/mongodb-ca.crt') -
Mar 27, 2018 . 1 changed file with 9 additions and 8 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -2,10 +2,10 @@ CNs are important!!! -days 3650 #### Make PEM containig a public key certificate and its associated private key ```bash openssl req -newkey rsa:2048 -new -x509 -days 3650 -nodes -subj '/C=US/ST=Massachusetts/L=Bedford/O=Personal/OU=Personal/[email protected]/CN=localhost' -out mongodb-cert.crt -keyout mongodb-cert.key ``` ```bash cat mongodb-cert.key mongodb-cert.crt > mongodb.pem ``` #### Edit _/etc/mongod.conf_, _network interfaces_ section @@ -16,8 +16,8 @@ net: bindIp: 127.0.0.1 ssl: mode: allowSSL PEMKeyFile: /etc/ssl/mongodb.pem CAFile: /etc/ssl/mongodb-cert.crt ``` #### Check for startup config errors @@ -32,15 +32,16 @@ sudo service mongod restart #### Test-connect ```bash mongo --ssl --sslAllowInvalidHostnames --sslCAFile mongodb-ca.crt --sslPEMKeyFile /etc/ssl/mongodb.pem ``` #### NodeJs, mongo connection options ```js { "sslValidate": false, // true - disable validation "sslKey": fs.readFileSync('/etc/ssl/mongodb.pem'), "sslCert": fs.readFileSync('/etc/ssl/mongodb-cert.crt'), "sslCa": fs.readFileSync('/etc/ssl/mongodb-ca.crt') } ``` -
Mar 27, 2018 . 1 changed file with 2 additions and 0 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -1,3 +1,5 @@ CNs are important!!! -days 3650 #### Make PEM containig a public key certificate and its associated private key ```bash openssl req -newkey rsa:2048 -new -x509 -days 3650 -nodes -subj '/C=US/ST=Massachusetts/L=Bedford/O=Personal/OU=Personal/[email protected]/CN=localhost' -out mongo.crt -keyout mongo.key -
Mar 27, 2018 . 1 changed file with 1 addition and 1 deletion.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -1,6 +1,6 @@ #### Make PEM containig a public key certificate and its associated private key ```bash openssl req -newkey rsa:2048 -new -x509 -days 3650 -nodes -subj '/C=US/ST=Massachusetts/L=Bedford/O=Personal/OU=Personal/[email protected]/CN=localhost' -out mongo.crt -keyout mongo.key ``` ```bash cat mongo.key mongo.crt > mongo.pem -
Mar 27, 2018 . 1 changed file with 2 additions and 0 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -1,6 +1,8 @@ #### Make PEM containig a public key certificate and its associated private key ```bash openssl req -newkey rsa:2048 -new -x509 -days 3650 -nodes -out mongo.crt -keyout mongo.key ``` ```bash cat mongo.key mongo.crt > mongo.pem ``` -
Mar 27, 2018 . 1 changed file with 30 additions and 3 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -9,10 +9,37 @@ cat mongo.key mongo.crt > mongo.pem # network interfaces net: port: 27017 bindIp: 127.0.0.1 ssl: mode: allowSSL PEMKeyFile: /etc/ssl/mongo.pem #CAFile: /etc/ssl/mongo.crt ``` #### Check for startup config errors ```bash sudo mongod --config /etc/mongod.conf ``` #### Restart mongo ```bash sudo service mongod restart ``` #### Test-connect ```bash mongo --ssl --sslAllowInvalidHostnames --sslAllowInvalidCertificates ``` #### NodeJs, mongo connection options ```js { "sslValidate": false, "sslKey": fs.readFileSync('/etc/ssl/mongodb.pem'), "sslCert": fs.readFileSync('/etc/ssl/mongodb-cert.crt') } ``` -
Mar 27, 2018 .There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -0,0 +1,18 @@ #### Make PEM containig a public key certificate and its associated private key ```bash openssl req -newkey rsa:2048 -new -x509 -days 3650 -nodes -out mongo.crt -keyout mongo.key cat mongo.key mongo.crt > mongo.pem ``` #### Edit _/etc/mongod.conf_, _network interfaces_ section ```apache # network interfaces net: port: 27017 #bindIp: 127.0.0.1 ssl: mode: allowSSL PEMKeyFile: /etc/ssl/mongodb.pem #CAFile: /etc/ssl/mongodb-cert.crt ```