Issue with setting up X509 authentication

I started mongod using the following config file:

net:
  ssl:
    mode: requireSSL
    PEMKeyFile: /home/vagrant/shared/certs/server.pem
    CAFile: /home/vagrant/shared/certs/ca.pem
  bindIp: database.m310.mongodb.university,127.0.0.1
  port: 31130
storage:
  dbPath: /home/vagrant/M310-HW-1.3/r0
security:
  authorization: enabled
  clusterAuthMode: x509
systemLog:
  destination: file
  path: /home/vagrant/M310-HW-1.3/r0/mongo.log.log
  logAppend: true
processManagement:
  fork: true
replication:
  replSetName: myReplSet

When I tried to connect using the mongo shell, I got the following errors:

vagrant@database:~/shared/certs$ mongo --port 31130 --ssl --sslPEMKeyFile client.pem --sslCAFile ca.pem
MongoDB shell version: 3.2.22
connecting to: 127.0.0.1:31130/test
2021-01-17T22:25:20.300+0000 E NETWORK [thread1] The server certificate does not match the host name 127.0.0.1
2021-01-17T22:25:20.302+0000 E QUERY [thread1] Error: socket exception [CONNECT_ERROR] for The server certificate does not match the host name 127.0.0.1 :
connect@src/mongo/shell/mongo.js:231:14
@(connect):1:6
exception: connect failed

Try to use --host param in your mongo command

Is bindIp param needed for this lab?

Thanks Ramachandra for your response. The issue has been resolved. The following is the exact sequence of steps.

vagrant@database:~/shared/certs$ cat …/node1.conf
net:
  ssl:
    mode: requireSSL
    PEMKeyFile: /home/vagrant/shared/certs/server.pem
    CAFile: /home/vagrant/shared/certs/ca.pem
  bindIp: database.m310.mongodb.university,127.0.0.1
  port: 31130
storage:
  dbPath: /home/vagrant/M310-HW-1.3/r0
security:
  clusterAuthMode: x509
systemLog:
  destination: file
  path: /home/vagrant/M310-HW-1.3/r0/mongo.log.log
  logAppend: true
processManagement:
  fork: true
replication:
  replSetName: myReplSet

===============================

mongo --host "database.m310.mongodb.university:31130" --ssl --sslPEMKeyFile client.pem --sslCAFile ca.pem
use admin
rs.initiate()

db.getSiblingDB("$external").runCommand( { createUser: "C=US,ST=New York,L=New York City,O=MongoDB,OU=University2,CN=M310 Client", roles : [ { role:"root", db:"admin"}]})

db.getSiblingDB("$external").auth({ user: "C=US,ST=New York,L=New York City,O=MongoDB,OU=University2,CN=M310 Client", mechanism: "MONGODB-X509"})

rs.add("database.m310.mongodb.university:31131")

rs.add("database.m310.mongodb.university:31132")

rs.status()

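Added example, not part of the thread and not MongoDB's own code: a Python version of the name check behind the "server certificate does not match the host name 127.0.0.1" error, showing why the shell's default target fails while the `--host` FQDN passes. The certificate contents are constructed and assume server.pem names only database.m310.mongodb.university; the function names are hypothetical.

```python
import ipaddress

# Constructed stand-in for server.pem, shaped like ssl.SSLSocket.getpeercert().
# Assumption: the certificate names only the FQDN (the thread does not show it).
SERVER_CERT = {
    "subject": ((("commonName", "database.m310.mongodb.university"),),),
    "subjectAltName": (("DNS", "database.m310.mongodb.university"),),
}

def dns_match(pattern, host):
    """Case-insensitive compare; '*' may only stand for the whole left-most label."""
    p, h = pattern.lower().rstrip("."), host.lower().rstrip(".")
    if p.startswith("*."):
        first, _, rest = h.partition(".")
        return bool(first) and rest == p[2:]
    return p == h

def cert_matches(cert, target):
    """Return True if `target` (what the client dialled) is named by the certificate."""
    sans = cert.get("subjectAltName", ())
    try:
        ip = ipaddress.ip_address(target)
    except ValueError:
        ip = None
    if ip is not None:
        # An IP target is compared only with IP SAN entries, never with DNS names or the CN.
        return any(k == "IP Address" and ipaddress.ip_address(v) == ip for k, v in sans)
    dns_names = [v for k, v in sans if k == "DNS"]
    if dns_names:
        return any(dns_match(d, target) for d in dns_names)
    # No DNS SAN present: fall back to the subject common name.
    cns = [v for rdn in cert.get("subject", ()) for k, v in rdn if k == "commonName"]
    return any(dns_match(c, target) for c in cns)

def check_targets(cert, targets):
    """Map each connection target to the outcome of the name check."""
    return {t: cert_matches(cert, t) for t in targets}

if __name__ == "__main__":
    # `mongo --port 31130` dials 127.0.0.1 by default; --host dials the FQDN.
    for target, ok in check_targets(
        SERVER_CERT, ["127.0.0.1", "database.m310.mongodb.university"]
    ).items():
        print(f"{target}: {'match' if ok else 'does not match'}")
```

To run the same check against the real file, `openssl x509 -in server.pem -noout -checkhost database.m310.mongodb.university` and the same command with `-checkip 127.0.0.1` report whether each name matches.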