HW 2.6: server certificate does not match the host name

Not able to start mongod. Has these errors:

2020-08-22T05:31:27.537+0000 E NETWORK  [initandlisten] The server certificate does not match the host name 192.168.31.200
2020-08-22T05:31:27.538+0000 E STORAGE  [initandlisten] Unable to retrieve key .system, error: Failed to open connectionto KMIP server 192.168.31.200.

mongod:

$ mongod --enableEncryption --kmipServerName 192.168.31.200 --kmipServerCAFile /home/vagrant/shared/certs/ca.pem --kmipClientCertificateFile /home/vagrant/shared/certs/client.pem --port 31260 --fork --dbpath ./M310-HW-2.6/data --logpath ./M310-HW-2.6/data/mongodb.log
about to fork child process, waiting until server is ready for connections.
forked process: 29487
ERROR: child process failed, exited with error number 14

The log:

2020-08-22T05:31:27.420+0000 I CONTROL  [initandlisten] MongoDB starting : pid=29487 port=31260 dbpath=/home/vagrant/./M
310-HW-2.6/data 64-bit host=database
2020-08-22T05:31:27.421+0000 I CONTROL  [initandlisten] db version v3.2.22
2020-08-22T05:31:27.421+0000 I CONTROL  [initandlisten] git version: 105acca0d443f9a47c1a5bd608fd7133840a58dd
2020-08-22T05:31:27.421+0000 I CONTROL  [initandlisten] OpenSSL version: OpenSSL 1.0.1f 6 Jan 2014
2020-08-22T05:31:27.421+0000 I CONTROL  [initandlisten] allocator: tcmalloc
2020-08-22T05:31:27.421+0000 I CONTROL  [initandlisten] modules: enterprise
2020-08-22T05:31:27.421+0000 I CONTROL  [initandlisten] build environment:
2020-08-22T05:31:27.422+0000 I CONTROL  [initandlisten]     distmod: ubuntu1404
2020-08-22T05:31:27.422+0000 I CONTROL  [initandlisten]     distarch: x86_64
2020-08-22T05:31:27.422+0000 I CONTROL  [initandlisten]     target_arch: x86_64
2020-08-22T05:31:27.422+0000 I CONTROL  [initandlisten] options: { net: { port: 31260 }, processManagement: { fork: true}, security: { enableEncryption: true, kmip: { clientCertificateFile: "/home/vagrant/shared/certs/client.pem", serverCAFile: "/home/vagrant/shared/certs/ca.pem", serverName: "192.168.31.200" } }, storage: { dbPath: "./M310-HW-2.6/data" },systemLog: { destination: "file", path: "./M310-HW-2.6/data/mongodb.log" } }
2020-08-22T05:31:27.453+0000 I STORAGE  [initandlisten] wiredtiger_open config: create,cache_size=1G,session_max=20000,eviction=(threads_min=4,threads_max=4),config_base=false,statistics=(fast),log=(enabled=true,archive=true,path=journal,compressor=snappy),file_manager=(close_idle_time=100000),checkpoint=(wait=60,log_size=2GB),statistics_log=(wait=0),verbose=(recovery_progress),extensions=[local=(entry=mongo_addWiredTigerEncryptors)],encryption=(name=AES256-CBC,keyid=".system"),
2020-08-22T05:31:27.537+0000 E NETWORK  [initandlisten] The server certificate does not match the host name 192.168.31.200
2020-08-22T05:31:27.538+0000 E STORAGE  [initandlisten] Unable to retrieve key .system, error: Failed to open connectionto KMIP server 192.168.31.200.
2020-08-22T05:31:27.539+0000 I -        [initandlisten] Fatal Assertion 28561
2020-08-22T05:31:27.539+0000 I -        [initandlisten]

***aborting after fassert() failure

The pykmip_server.py has this:

server = KMIPServer(
    host="192.168.31.200",
    port=5696,
    keyfile="/home/vagrant/shared/certs/server.pem",
    ...

On the Infrastructure VM:

[vagrant@infrastructure shared]$ python pykmip_server.py
2020-08-22 05:56:39,815 - __main__ - INFO - Starting KMIP server
2020-08-22 05:57:22,165 - kmip.services.kmip_server - ERROR - KMIPServer <class 'ssl.SSLEOFError'> EOF occurred in viola
tion of protocol (_ssl.c:1826)
2020-08-22 06:02:02,156 - kmip.services.kmip_server - ERROR - KMIPServer <class 'ssl.SSLEOFError'> EOF occurred in viola
tion of protocol (_ssl.c:1826)
2020-08-22 06:06:45,831 - kmip.services.kmip_server - ERROR - KMIPServer <class 'ssl.SSLEOFError'> EOF occurred in viola
tion of protocol (_ssl.c:1826)

Try infrastructure.m310.mongodb.university instead of IP for kmipServerName while starting mongod

1 Like

Thanks for replying. I had tried that too and it didn’t help :slightly_smiling_face:

Here are the errors (these are different):

2020-08-22T05:42:43.017+0000 I NETWORK  [initandlisten] getaddrinfo("infrastrcuture.m310.mongodb.university") failed: Name or service not known
2020-08-22T05:42:43.018+0000 E STORAGE  [initandlisten] Unable to retrieve key .system, error: Failed to open connection to KMIP server infrastrcuture.m310.mongodb.university.

Try to change the same in pykmip_server.py also and see

mongod started with --kmipServerName infrastructure.m310.mongodb.university , also fails:

2020-08-22T09:44:49.591+0000 W NETWORK  [initandlisten] Failed to connect to 192.168.31.200:5696, in(checking socket for error after poll), reason: errno:111 Connection refused
2020-08-22T09:44:49.591+0000 E STORAGE  [initandlisten] Unable to retrieve key .system, error: Failed to open connection to KMIP server infrastructure.m310.mongodb.university.

KMIP Server (with changed host infrastructure.m310.mongodb.university):

[vagrant@infrastructure shared]$ python pykmip_server.py
2020-08-22 09:42:39,052 - __main__ - INFO - Starting KMIP server

you made a typo in the host name

typo?

KMIP Server: host="infrastructure.m310.mongodb.university"

mongod: --kmipServerName infrastructure.m310.mongodb.university

In one of your post

getaddrinfo("infrastrcuture.m310.mongodb.university") failed: Name or service not known
2020-08-22T05:42:43.018+0000 E STORAGE  [initandlisten] Unable to retrieve key .system, error: Failed to open connection to KMIP server infrastrcuture.m310.mongodb.university.

infrastrcuture rather than infrastructure

3 Likes

I started the KMIP server with host="192.168.31.200", and mongod with --kmipServerName infrastructure.m310.mongodb.university. And, the mongod server started :grinning:

1 Like