How to reject unvalidated SSL client connections from the server?

I have set up a MongoDB server with a self-signed server certificate, and when I use the server validation method in Compass along with the CA certificate, it works well. However, I am still able to connect to the database if I select the “unvalidated” option in Compass, and I don’t want that. I want to reject any client connections that are not validating the server certificate. Is it possible to set up the server to do that?

Edit: I have requireTLS set up in the config file, but Compass still lets unvalidated connections through.

That is just how it works (think of your web browser, you’re warned but can override that warning). If you really want to enforce TLS on every connection you need to look at using client certificates.

Then the server can reject any connection not using TLS.
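The client-certificate setup suggested in the reply, sketched as a `mongod.conf` fragment. This is an added example, not configuration posted by anyone in the thread; the file paths are placeholders. Whether a client validates the server certificate is decided on the client and is not visible to the server, so what the server can enforce is that every client presents a certificate signed by a CA it trusts.

```yaml
# Before (commented out): requireTLS alone, as described in the question.
# Clients must use TLS, but whether they validate the server certificate
# is their own choice.
#
# net:
#   tls:
#     mode: requireTLS
#     certificateKeyFile: /path/to/server.pem    # placeholder path

# After: the server also demands a client certificate.
net:
  tls:
    mode: requireTLS
    # Server certificate and private key in one PEM file (placeholder path).
    certificateKeyFile: /path/to/server.pem
    # CA used to verify certificates presented by clients (placeholder path).
    CAFile: /path/to/ca.pem
    # false is the default; stated explicitly so that clients presenting
    # no certificate are rejected during the TLS handshake.
    allowConnectionsWithoutCertificates: false
```

With this in place, Compass has to be given a client certificate and key issued by that CA in its TLS settings before it can connect.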
