HW 1.3 certificate does not match hostname 127.0.0.1

Hi,

i set up the mongods in two ways
first configure replica set without authentication, initiate add members and then restart all three Servers with X509 enable it.
Second configuration starting all members directly with X509 enable

if i want to connect
( either
to create first user- local host exception)
or to initiate the rs
i always get this error:

vagrant@database:~/shared/certs$ mongo --port 31131 --ssl --sslPEMKeyFile client.pem --sslCAFile ca.pem
MongoDB shell version: 3.2.22
connecting to: 127.0.0.1:31131/test
2019-02-14T14:45:08.953+0000 E NETWORK [thread1] The server certificate does not match the host name 127.0.0.1
2019-02-14T14:45:08.954+0000 E QUERY [thread1] Error: socket exception [CONNECT_ERROR] for The server certificate does not match the host name 127.0.0.1 :
connect@src/mongo/shell/mongo.js:231:14
@(connect):1:clock6:

i dont know which “hostname” i can use in which way please help

use this

mongo --host database.m310.mongodb.university --ssl --sslPEMKeyFile ~/shared/certs/client.pem --sslCAFile ~/shared/certs/ca.pem --port 31130

4 Likes

Yep, that would be correct.

The good thing is that the Mongo shell is doing exactly what it’s supposed to do with a TLS-connection: verify that the remote server is in fact the one you were expecting. You were expecting “127.0.0.1” while the certificate only applies to “database[.m310.mongodb.university]”. That’s why it was refusing to let you go through; it’s protecting you :slight_smile:

2 Likes

Hello Tess,
Thanks for that string.
Everybody who can read has an unfair advantage.
It was there in the text FQDN
Thanks Ralf

2 Likes

Thanks for the connect string