Can't connect to Atlas Class Cluster

It’s an interesting problem @Oleg_26459, because MongoDB’s certificates should be trusted by your OS by default.

Could you please run the following command? That’s asssuming you’re running on a Unix (like Linux or MacOS), or that you have openssl installed on Windows. If you’re on Windows without OpenSSL, then this test will not work.

openssl s_client -connect cluster0-shard-00-01-astdj.mongodb.net:27017 < /dev/null > certfile.crt

In my case this shows:

depth=2 C = US, O = DigiCert Inc, OU = www.digicert.com, CN = DigiCert Global Root CA

verify return:1

depth=1 C = US, O = DigiCert Inc, CN = DigiCert SHA2 Secure Server CA

verify return:1

depth=0 C = US, ST = New York, L = New York, O = “MongoDB, Inc.”, OU = Cloud SRE, CN = *.mongodb.net

verify return:1

The “verify return:1” at each step is the important part. What your computer or Mongo shell is telling you, is that it does not trust the first step: the DigiCert Root CA.

There are ways of making that work (by providing the Mongo shell with a link to the trusted cert stored locally), but it’s more useful to find out why your OS distrusts the cert.

Can you tell us a bit about your configuration?

  • On what kind of system are you running the mongo shell?
  • Which OS and which version?(your earlier output suggests a Windows)
  • Can you show us your mongo shell command?

EDIT:
According to this page on their site, the DigiCert Root CA should be included upwards from WinXP SP3.

EDIT2:
The quick and dirty fix is to re-import the DigiCert Root CA onto your system.

Download this file from their website: DigiCert Global Root CA.

Double-click the file (DigiCertGlobalRootCA.crt) and Windows will ask you whether you want to install this certificate as a Trusted Root CA. This is what you want. You will need administrator access to your system.

If this is not your computer, do NOT install this certificate without approval from your system administrator.

yes now I can connect

thanks

yes its ok now thanks man

Hi All.
I am getting the below error when trying to connect my sandbox cluster.
but works find through shell.

“An error occurred while loading navigation: ‘not master and slaveOk=false’: It is recommended to change your read preference in the connection dialog to Primary Preferred or Secondary Preferred or provide a replica set name for a full topology connection”. i have changed the preferred to primary/second but not working.

Hi @goutham_20853,

Please take a look here. Let me know if you have any issues!

PS: Restarting compass mostly solves problem :slight_smile:

Kanika

1 Like

Hi Kanika.
The connection is working now.just re-entered the password . previously i saved the connection and try to connect.

thanks
goutham

1 Like

I have the certificate validation problem on a windows 10 machine
Downloading digicert file does nothing. it’s already there.

E NETWORK [ReplicaSetMonitor-TaskExecutor] SSL peer certificate validation failed: (800B0109)

I can connect with Compas but not with mongo shell.

So with you the question is the same: are you using some form of security software on your computer that might interfere with certificates, or are you inside your company’s network with perhaps a proxy server that messes with certs?

No security s/w that would do anything like that and not behind a proxy.
I tried with a Linux machine and the output is more detailed:

2018-12-09T20:32:38.825+0200 I NETWORK [js] Starting new replica set monitor for Sandbox-shard-0/sandbox-shard-00-01-rqq3o.mongodb.net.:27017,sandbox-shard-00-00-rqq3o.mongodb.net.:27017,sandbox-shard-00-02-rqq3o.mongodb.net.:27017
2018-12-09T20:32:39.224+0200 I NETWORK [js] Successfully connected to sandbox-shard-00-01-rqq3o.mongodb.net.:27017 (1 connections now open to sandbox-shard-00-01-rqq3o.mongodb.net.:27017 with a 5 second timeout)
2018-12-09T20:32:39.235+0200 I NETWORK [ReplicaSetMonitor-TaskExecutor] Successfully connected to sandbox-shard-00-02-rqq3o.mongodb.net.:27017 (1 connections now open to sandbox-shard-00-02-rqq3o.mongodb.net.:27017 with a 5 second timeout)
2018-12-09T20:32:39.686+0200 I NETWORK [ReplicaSetMonitor-TaskExecutor] Successfully connected to sandbox-shard-00-00-rqq3o.mongodb.net.:27017 (1 connections now open to sandbox-shard-00-00-rqq3o.mongodb.net.:27017 with a 5 second timeout)
2018-12-09T20:32:39.692+0200 I NETWORK [js] Successfully connected to sandbox-shard-00-00-rqq3o.mongodb.net:27017 (1 connections now open to sandbox-shard-00-00-rqq3o.mongodb.net:27017 with a 5 second timeout)
2018-12-09T20:32:39.749+0200 I NETWORK [ReplicaSetMonitor-TaskExecutor] changing hosts to Sandbox-shard-0/sandbox-shard-00-00-rqq3o.mongodb.net:27017,sandbox-shard-00-01-rqq3o.mongodb.net:27017,sandbox-shard-00-02-rqq3o.mongodb.net:27017 from Sandbox-shard-0/sandbox-shard-00-00-rqq3o.mongodb.net.:27017,sandbox-shard-00-01-rqq3o.mongodb.net.:27017,sandbox-shard-00-02-rqq3o.mongodb.net.:27017
2018-12-09T20:32:40.025+0200 I NETWORK [ReplicaSetMonitor-TaskExecutor] Successfully connected to sandbox-shard-00-01-rqq3o.mongodb.net:27017 (1 connections now open to sandbox-shard-00-01-rqq3o.mongodb.net:27017 with a 5 second timeout)
Implicit session: session { “id” : UUID(“94cdd6cf-8612-4192-8988-40d39931a4e2”) }
MongoDB server version: 4.0.4
2018-12-09T20:32:40.364+0200 I NETWORK [ReplicaSetMonitor-TaskExecutor] Successfully connected to sandbox-shard-00-02-rqq3o.mongodb.net:27017 (1 connections now open to sandbox-shard-00-02-rqq3o.mongodb.net:27017 with a 5 second timeout)
2018-12-09T20:32:40.476+0200 I NETWORK [js] Marking host sandbox-shard-00-00-rqq3o.mongodb.net:27017 as failed :: caused by :: Location8000: can’t authenticate against replica set node sandbox-shard-00-00-rqq3o.mongodb.net:27017 :: caused by :: bad auth Authentication failed.
2018-12-09T20:32:40.652+0200 I NETWORK [js] Marking host sandbox-shard-00-01-rqq3o.mongodb.net:27017 as failed :: caused by :: SocketException: can’t authenticate against replica set node sandbox-shard-00-01-rqq3o.mongodb.net:27017 :: caused by :: socket exception [CONNECT_ERROR] server [sandbox-shard-00-01-rqq3o.mongodb.net:27017] connection pool error: network error while attempting to run command ‘isMaster’ on host ‘sandbox-shard-00-01-rqq3o.mongodb.net:27017
2018-12-09T20:32:40.779+0200 I NETWORK [js] Marking host sandbox-shard-00-02-rqq3o.mongodb.net:27017 as failed :: caused by :: SocketException: can’t authenticate against replica set node sandbox-shard-00-02-rqq3o.mongodb.net:27017 :: caused by :: socket exception [CONNECT_ERROR] server [sandbox-shard-00-02-rqq3o.mongodb.net:27017] connection pool error: network error while attempting to run command ‘isMaster’ on host ‘sandbox-shard-00-02-rqq3o.mongodb.net:27017
2018-12-09T20:32:40.969+0200 I NETWORK [js] Marking host sandbox-shard-00-00-rqq3o.mongodb.net:27017 as failed :: caused by :: Location8000: can’t authenticate against replica set node sandbox-shard-00-00-rqq3o.mongodb.net:27017 :: caused by :: bad auth Authentication failed.
2018-12-09T20:32:40.973+0200 E QUERY [js] Error: can’t authenticate against replica set node sandbox-shard-00-00-rqq3o.mongodb.net:27017 :: caused by :: bad auth Authentication failed. :
DB.prototype._authOrThrow@src/mongo/shell/db.js:1685:20
@(auth):6:1
@(auth):1:2
exception: login failed

does that ‘caused by :: Location8000:’ help at all?

I asked because you said you were “having the certificate validation problem”. But your error logging does not show this at all! The logs you’re showing now are completely unrelated.

This time around it’s an authentication issue. You’re not showing us the “mongo” shell command, so we can’t see whether you’ve entered the right username and password.

Thanks, you are correct of course.
I managed to mess with the password. I can connect now. But the first time it was a “certificate validation failed” for some reason and I am a bit buffled by this.

1 Like

Hi
I am getting below error while connecting to cluster via mongoshell.

mongo “mongodb://cluster0-shard-00-00-1azlu.mongodb.net:27017,cluster0-shard-00-01-1azlu.mongodb.net:27017,cluster0-shard-00-02-1azlu.mongodb.net:27017/test?replicaSet=Cluster0-shard-0” --ssl --authenticationDatabase admin --username m001-student --password m001-mongodb-basics;
MongoDB shell version v4.0.4
connecting to: mongodb://cluster0-shard-00-00-1azlu.mongodb.net:27017,cluster0-shard-00-01-1azlu.mongodb.net:27017,cluster0-shard-00-02-1azlu.mongodb.net:27017/test?replicaSet=Cluster0-shard-0
2018-12-11T07:13:52.902+0530 I NETWORK [js] Starting new replica set monitor for Cluster0-shard-0/cluster0-shard-00-00-1azlu.mongodb.net:27017,cluster0-shard-00-01-1azlu.mongodb.net:27017,cluster0-shard-00-02-1azlu.mongodb.net:27017
2018-12-11T07:13:56.089+0530 I NETWORK [js] Successfully connected to cluster0-shard-00-01-1azlu.mongodb.net:27017 (1 connections now open to cluster0-shard-00-01-1azlu.mongodb.net:27017 with a 5 second timeout)
2018-12-11T07:13:56.089+0530 I NETWORK [ReplicaSetMonitor-TaskExecutor] Successfully connected to cluster0-shard-00-02-1azlu.mongodb.net:27017 (1 connections now open to cluster0-shard-00-02-1azlu.mongodb.net:27017 with a 5 second timeout)
2018-12-11T07:13:59.298+0530 I NETWORK [ReplicaSetMonitor-TaskExecutor] Successfully connected to cluster0-shard-00-00-1azlu.mongodb.net:27017 (1 connections now open to cluster0-shard-00-00-1azlu.mongodb.net:27017 with a 5 second timeout)
Implicit session: session { “id” : UUID(“a3dcafab-9e90-494b-9549-9c0ca6f5dced”) }
MongoDB server version: 4.0.4
2018-12-11T07:14:05.058+0530 I NETWORK [js] Marking host cluster0-shard-00-00-1azlu.mongodb.net:27017 as failed :: caused by :: Location8000: can’t authenticate against replica set node cluster0-shard-00-00-1azlu.mongodb.net:27017 :: caused by :: bad auth Authentication failed.
2018-12-11T07:14:07.298+0530 I NETWORK [js] Successfully connected to cluster0-shard-00-02-1azlu.mongodb.net:27017 (1 connections now open to cluster0-shard-00-02-1azlu.mongodb.net:27017 with a 0 second timeout)
2018-12-11T07:14:08.579+0530 I NETWORK [js] Marking host cluster0-shard-00-02-1azlu.mongodb.net:27017 as failed :: caused by :: Location8000: can’t authenticate against replica set node cluster0-shard-00-02-1azlu.mongodb.net:27017 :: caused by :: bad auth Authentication failed.
2018-12-11T07:14:10.636+0530 I NETWORK [js] Successfully connected to cluster0-shard-00-01-1azlu.mongodb.net:27017 (1 connections now open to cluster0-shard-00-01-1azlu.mongodb.net:27017 with a 0 second timeout)
2018-12-11T07:14:11.805+0530 I NETWORK [js] Marking host cluster0-shard-00-01-1azlu.mongodb.net:27017 as failed :: caused by :: Location8000: can’t authenticate against replica set node cluster0-shard-00-01-1azlu.mongodb.net:27017 :: caused by :: bad auth Authentication failed.
2018-12-11T07:14:13.601+0530 I NETWORK [js] Marking host cluster0-shard-00-00-1azlu.mongodb.net:27017 as failed :: caused by :: Location8000: can’t authenticate against replica set node cluster0-shard-00-00-1azlu.mongodb.net:27017 :: caused by :: bad auth Authentication failed.
2018-12-11T07:14:13.601+0530 E QUERY [js] Error: can’t authenticate against replica set node cluster0-shard-00-00-1azlu.mongodb.net:27017 :: caused by :: bad auth Authentication failed. :
DB.prototype._authOrThrow@src/mongo/shell/db.js:1685:20
@(auth):6:1
@(auth):1:2
exception: login failed

please do the needful

Hi Harshavardhan_Reddy_82188,

Error suggests me to look for my user in Atlas. And crosscheck if the credentials are correct. Check for any space character that might have been copy/pasted. If you are still unable to find the issue, then just re-create the user.

If you have not created a user, then create one.

Kanika

Either the username/password are wrong, or the IP access list is not opened up. Or would that result in a different message than “bad auth”?

Following the directions I opened a Mongo Shell on my Windows machine but the Database connection has a syntax error. Is this because it should be run in a ‘BASH’ or on a Linux machine?
How can I connect thru a Windows Mongo Shell?

No, the mongo shell syntax is identical everywhere. Could you please post your command and the error output?

The command is from
Chapter 2: The MongoDB Query Language + Atlas

Connecting to Our Class Atlas Cluster from the mongo Shell

mongo “mongodb://cluster0-shard-00-00-jxeqq.mongodb.net:27017,cluster0-shard-00-01-jxeqq.mongodb.net:27017,cluster0-shard-00-02-jxeqq.mongodb.net:27017/100YWeatherSmall?replicaSet=Cluster0-shard-0” --authenticationDatabase admin --ssl --username m001-student --password m001-mongodb-basics

2018-12-17T23:35:47.099-0500 E QUERY [js] SyntaxError: missing ; before statement @(shell):1:6

You are running the command inside he Mongon shell. That is wrong.

DO NOT start mongo —nodb!

So I Quit() and ran the statement again and received a warning
WARNING: shell and server versions do not match

mongo “mongodb://cluster0-shard-00-00-jxeqq.mongodb.net:27017,cluster0-shard-00-01-jxeqq.mongodb.net:27017,cluster0-shard-00-02-jxeqq.mongodb.net:27017/100YWeatherSmall?replicaSet=Cluster0-shard-0” --authenticationDatabase admin --ssl --username m001-student --password m001-mongodb-basics
MongoDB shell version v4.0.4
connecting to: mongodb://cluster0-shard-00-00-jxeqq.mongodb.net:27017,cluster0-shard-00-01-jxeqq.mongodb.net:27017,cluster0-shard-00-02-jxeqq.mongodb.net:27017/100YWeatherSmall?replicaSet=Cluster0-shard-0

2018-12-18T08:53:03.606-0500 I NETWORK [js] Starting new replica set monitor for Cluster0-shard-0/cluster0-shard-00-00-jxeqq.mongodb.net:27017,cluster0-shard-00-01-jxeqq.mongodb.net:27017,cluster0-shard-00-02-jxeqq.mongodb.net:27017

2018-12-18T08:53:03.735-0500 I NETWORK [js] Successfully connected to cluster0-shard-00-01-jxeqq.mongodb.net:27017 (1 connections now open to cluster0-shard-00-01-jxeqq.mongodb.net:27017 with a 5 second timeout)

2018-12-18T08:53:03.735-0500 I NETWORK [ReplicaSetMonitor-TaskExecutor] Successfully connected to cluster0-shard-00-00-jxeqq.mongodb.net:27017 (1 connections now open to cluster0-shard-00-00-jxeqq.mongodb.net:27017 with a 5 second timeout)

2018-12-18T08:53:03.791-0500 I NETWORK [js] Successfully connected to cluster0-shard-00-02-jxeqq.mongodb.net:27017 (1 connections now open to cluster0-shard-00-02-jxeqq.mongodb.net:27017 with a 5 second timeout)
Implicit session: session { “id” : UUID(“7c5aa54f-403c-44cb-bdf9-c23b7c633e93”) }
MongoDB server version: 3.6.9
WARNING: shell and server versions do not match
MongoDB Enterprise Cluster0-shard-0:PRIMARY>

That is a warning NOT an error. It will work just fine.