M310 -homework- / Connecting with mongo shell

While working on the course M310, I am having some trouble.

I have launched three mongodb daemons using these commands:

mongod --replSet TO_BE_SCD --dbpath ./M310-HW-1.5/r0 --logpath ./M310-HW-1.5/r0/mongodb.log --port 31150 --auth --keyFile mongodb-keyfile --fork --sslMode requireSSL --sslPEMKeyFile ./shared/certs/server.pem --sslCAFile ./shared/certs/ca.pem

mongod --replSet TO_BE_SCD --dbpath ./M310-HW-1.5/r1 --logpath ./M310-HW-1.5/r1/mongodb.log --port 31151 --auth --keyFile mongodb-keyfile --fork --sslMode requireSSL --sslPEMKeyFile ./shared/certs/server.pem --sslCAFile ./shared/certs/ca.pem

mongod --replSet TO_BE_SCD --dbpath ./M310-HW-1.5/r2 --logpath ./M310-HW-1.5/r2/mongodb.log --port 31152 --auth --keyFile mongodb-keyfile --fork --sslMode requireSSL --sslPEMKeyFile ./shared/certs/server.pem --sslCAFile ./shared/certs/ca.pem

I now want to use mongo shell to connect to the one on port 31150, in order to initiate the replica set. And this is where I hit a problem. I have tried several ways to connect but all failed:

  1. running:
    mongo --port 31150
  2. running:
    mongo --host database.m310.mongodb.university --port 31150
  3. running: (This one is probably not supposed to work)
    mongo --host “TO_BE_SCD/database.m310.mongodb.university:31150”
  4. running:
    mongo --port 31150 --ssl --sslPEMKeyFile ./shared/certs/client.pem --sslCAFile ./shared/certs/ca.pem

As one can see, for some reason I am missing the target.

If someone can point me in the right direction to solve this, that would be very helpful.

But HW-1.5 is with x509 authentication
Your mongod command does not have that param
Which lab you are doing exactly

I am working on HW-1.5.

I indeed took off the “–clusterAuthMode x509” option on purpose, thinking it was only needed for internal authentication and not for client authentication.

Is this what you are referring to? When you write:

Your mongod command does not have that param

Was this a mistake?

And is this why I cannot connect with the mongo shell?

What error are you getting with mongo with current setup?
Try allowSSL for --sslMode and see

By following your tip, using allowSSL instead of requireSSL.
I am able to connect using one of these two commands:

mongo --port 31150

and:

mongo --host database.m310.mongodb.university --port 31150

On the other hand, if I want to use this one:

mongo --port 31150 --ssl --sslPEMKeyFile ./shared/certs/client.pem --sslCAFile ./shared/certs/ca.pem

I get this error message:

vagrant@database:~$ mongo --port 31150 --ssl --sslPEMKeyFile ./shared/certs/client.pem --sslCAFile ./shared/certs/ca.pem
MongoDB shell version: 3.2.22
connecting to: 127.0.0.1:31150/test
2020-11-22T03:12:58.297+0000 E NETWORK [thread1] The server certificate does not match the host name 127.0.0.1
2020-11-22T03:12:58.298+0000 E QUERY [thread1] Error: socket exception [CONNECT_ERROR] for The server certificate does not match the host name 127.0.0.1 :
connect@src/mongo/shell/mongo.js:231:14
@(connect):1:6

exception: connect failed
vagrant@database:~$

Then in the case I can connect, using one of the two ways I just mentioned; I am finally able to run rs.initiate, but I have to change HW-1.5 to TO_BE_SCD. Apparently the _id in the rs.initiate must match the replica set name provided in the mongodb.

And the following goes with no more problems.
Thank you for your valuable help.

If you have some time to answer some of the 3 questions if my last message.
That may allow me to learn a bit more.

Best.

Try
mongo --port 31150 --ssl --sslPEMKeyFile ./shared/certs/client.pem --sslCAFile ./shared/certs/ca.pem --host database.m310.mongodb.university
Since you have used host as above while creating certificate mongo expects the same hostname