Does CLI support TLS?
thomsa opened this issue ยท 3 comments
Hey there!
I'm trying to connect to a managed DB on Digital Ocean, and it requires a certificate and TLS. I'm trying to use the following command
seed ./test/data --db-uri mongodb+srv://[masked]@[host]/admin --db-options authSource=admin;tls=true;tlsCAFile='~/Downloads/ca-certificate-st.crt'
And I get
MongoSeedingError: Error connecting to database: MongoServerSelectionError: self signed certificate in certificate chain
I can connect through compass, so the cert is and connection string is valid for sure.
When I'm seeding another database on our server that does not require TLS it works fine.
Does the seeder have TLS capabilities?
Hi @thomsa,
Mongo Seeding uses ofificial MongoDB driver underneath - the DB options are just passed to the library. Yes, it should work.
I think there could be two problems:
- you use single quotes
' - you use tilde in path instead of providing full path (not sure if the MongoDB driver will expand this properly underneath; I doubt it.
Please try the following form:
tlsCAFile=/Users/{user}/Downloads/ca-certificate-st.crt (if you're on macOS) or tlsCAFile=/home/{user}/Downloads/ca-certificate-st.crt if you're on Linux.
Let me know if that works ๐
First of all, thanks for the quick response, appreciate it!
Unfortunately, it did not work. I tried without quotes and full path, I still get the same error.
The solution was in plain sight, in the actual documentation.
Since I used --db-uri the --db-options was totally ignored. So I just put the whole thing into a single string and it works.