hi everyone. I’m in a peculiar situation.
I have a mongodb cluster with replication with this configuration:
# mongod.conf
# for documentation of all options, see:
# http://docs.mongodb.org/manual/reference/configuration-options/
# Where and how to store data.
storage:
dbPath: {{ mongodb_data_dir }}
journal:
enabled: true
# engine:
# mmapv1:
wiredTiger:
engineConfig:
cacheSizeGB: {{ memory }}
# where to write logging data.
#systemLog:
# destination: file
# logAppend: true
# path: /var/log/mongodb/mongod.log
# network interfaces
net:
port: {{ mongod_port }}
bindIp: 127.0.0.1,{{ fqdn }}
ssl:
mode: requireSSL
PEMKeyFile: /certs/tls.pem
CAFile: /certs/tls.crt
disabledProtocols: TLS1_0,TLS1_1
allowConnectionsWithoutCertificates: false
allowInvalidHostnames: false
security:
authorization: enabled
keyFile: /conf/mongodb/repl.key
javascriptEnabled: {{'true' if javascript_enabled else 'false'}}
#operationProfiling:
replication:
replSetName: {{ replica_set_name }}
oplogSizeMB: {{ oplog_size_mb }}
enableMajorityReadConcern: {{'true' if enable_majority_read_concern else 'false'}}
#sharding:
## Enterprise-Only Options:
#auditLog:
#snmp:
TLS is required and the operator which is doing some things is already using the correct certificate.
When replication is kicking in however, suddenly, I’m starting see these:
2021-03-19T16:33:49.630+0000 I NETWORK [conn619] Error receiving request from client: SSLHandshakeFailed: The server is configured to only allow SSL connections. Ending connection from 127.0.0.1:44320 (connection id: 619)
2021-03-19T16:33:49.630+0000 I NETWORK [conn619] end connection 127.0.0.1:44320 (8 connections now open)
2021-03-19T16:33:50.132+0000 I NETWORK [listener] connection accepted from 127.0.0.1:44350 #620 (9 connections now open)
2021-03-19T16:33:50.132+0000 I NETWORK [conn620] Error receiving request from client: SSLHandshakeFailed: The server is configured to only allow SSL connections. Ending connection from 127.0.0.1:44350 (connection id: 620)
2021-03-19T16:33:50.132+0000 I NETWORK [conn620] end connection 127.0.0.1:44350 (8 connections now open)
2021-03-19T16:33:50.634+0000 I NETWORK [listener] connection accepted from 127.0.0.1:44360 #621 (9 connections now open)
2021-03-19T16:33:50.634+0000 I NETWORK [conn621] Error receiving request from client: SSLHandshakeFailed: The server is configured to only allow SSL connections. Ending connection from 127.0.0.1:44360 (connection id: 621)
2021-03-19T16:33:50.634+0000 I NETWORK [conn621] end connection 127.0.0.1:44360 (8 connections now open)
2021-03-19T16:33:51.136+0000 I NETWORK [listener] connection accepted from 127.0.0.1:44364 #622 (9 connections now open)
2021-03-19T16:33:51.136+0000 I NETWORK [conn622] Error receiving request from client: SSLHandshakeFailed: The server is configured to only allow SSL connections. Ending connection from 127.0.0.1:44364 (connection id: 622)
I have no idea what this is and where it’s coming from. The localhost connection I mean. It’s not me, so I suspect it’s the replication inside mongo? I have 3 instances. To secondary and a single primary. But the cluster can’t connect and so no-one is primary. I tried specifying a clusterFile too, but that didn’t do anything.
Anyone ever see something like this and might have ANY ideas where or what I can do? I’ve been trying to figure this out for a long time now without luck.
If I set
allowConnectionsWithoutCertificates: true
allowInvalidHostnames: true
It works of course, but that is not desirable.
Any help is much appreciated.