HW 1.3 certificate does not match hostname


i set up the mongods in two ways
first configure replica set without authentication, initiate add members and then restart all three Servers with X509 enable it.
Second configuration starting all members directly with X509 enable

if i want to connect
( either
to create first user- local host exception)
or to initiate the rs
i always get this error:

vagrant@database:~/shared/certs$ mongo --port 31131 --ssl --sslPEMKeyFile client.pem --sslCAFile ca.pem
MongoDB shell version: 3.2.22
connecting to:
2019-02-14T14:45:08.953+0000 E NETWORK [thread1] The server certificate does not match the host name
2019-02-14T14:45:08.954+0000 E QUERY [thread1] Error: socket exception [CONNECT_ERROR] for The server certificate does not match the host name :

i dont know which “hostname” i can use in which way please help

use this

mongo --host database.m310.mongodb.university --ssl --sslPEMKeyFile ~/shared/certs/client.pem --sslCAFile ~/shared/certs/ca.pem --port 31130


Yep, that would be correct.

The good thing is that the Mongo shell is doing exactly what it’s supposed to do with a TLS-connection: verify that the remote server is in fact the one you were expecting. You were expecting “” while the certificate only applies to “database[.m310.mongodb.university]”. That’s why it was refusing to let you go through; it’s protecting you :slight_smile:


Hello Tess,
Thanks for that string.
Everybody who can read has an unfair advantage.
It was there in the text FQDN
Thanks Ralf


Thanks for the connect string