SetEnv MONGO_URL mongodb://:@XXXXXXXXX.docdb.amazonaws.com :27017/?ssl=true&ssl_ca_certs=/home/ec2-user/rds-combined-ca-bundle.pem&replicaSet=rs0&readPreference=secondaryPreferred&retryWrites=false
App 2291 output: MongoNetworkError: failed to connect to server [XXXXXX.docdb.amazonaws.com:27017 ] on first connect [Error: unable to get local issuer certificate
App 2291 output: at TLSSocket.onConnectSecure (_tls_wrap.js:1474:34)
App 2291 output: at TLSSocket.emit (events.js:310:20)
App 2291 output: at TLSSocket.EventEmitter.emit (domain.js:482:12)
App 2291 output: at TLSSocket._finishInit (_tls_wrap.js:917:8)
App 2291 output: at TLSWrap.ssl.onhandshakedone (_tls_wrap.js:687:12) {
App 2291 output: name: ‘MongoNetworkError’,
App 2291 output: [Symbol(mongoErrorContextSymbol)]: {}
App 2291 output: }]
MongoNetworkError: [Error: unable to get local issuer certificate
Please check this link
opened 02:43PM - 23 Jan 18 UTC
Getting below error
{ Error: Error: unable to get local issuer certificate
… at generateError (C:\Users\mishrut\full_stack\gitlab_rally_alm\node_modules\rally\dist\request.js:38:11)
at Request._callback (C:\Users\mishrut\full_stack\gitlab_rally_alm\node_modules\rally\dist\request.js:110:20)
at self.callback (C:\Users\mishrut\full_stack\gitlab_rally_alm\node_modules\request\request.js:187:22)
at emitOne (events.js:116:13)
at Request.emit (events.js:211:7)
at Request.onRequestError (C:\Users\mishrut\full_stack\gitlab_rally_alm\node_modules\request\request.js:813:8)
at emitOne (events.js:116:13)
at ClientRequest.emit (events.js:211:7)
at TLSSocket.socketErrorListener (_http_client.js:387:9)
at emitOne (events.js:116:13)
errors:
[ { Error: unable to get local issuer certificate
at TLSSocket.<anonymous> (_tls_wrap.js:1103:38)
at emitNone (events.js:106:13)
at TLSSocket.emit (events.js:208:7)
at TLSSocket._finishInit (_tls_wrap.js:637:8)
at TLSWrap.ssl.onhandshakedone (_tls_wrap.js:467:38) code: 'UNABLE_TO_GET_ISSUER_CERT_LOCALLY' } ] }
(node:9540) UnhandledPromiseRejectionWarning: Unhandled promise rejection (rejection id: 1): Error: Error: unable to get local issuer cert
(node:9540) [DEP0018] DeprecationWarning: Unhandled promise rejections are deprecated. In the future, promise rejections that are not hand
minate the Node.js process with a non-zero exit code.
{ Error: Error: unable to get local issuer certificate
at generateError (C:\Users\mishrut\full_stack\gitlab_rally_alm\node_modules\rally\dist\request.js:38:11)
at Request._callback (C:\Users\mishrut\full_stack\gitlab_rally_alm\node_modules\rally\dist\request.js:110:20)
at self.callback (C:\Users\mishrut\full_stack\gitlab_rally_alm\node_modules\request\request.js:187:22)
at emitOne (events.js:116:13)
at Request.emit (events.js:211:7)
at Request.onRequestError (C:\Users\mishrut\full_stack\gitlab_rally_alm\node_modules\request\request.js:813:8)
at emitOne (events.js:116:13)
at ClientRequest.emit (events.js:211:7)
at TLSSocket.socketErrorListener (_http_client.js:387:9)
at emitOne (events.js:116:13)
errors:
[ { Error: unable to get local issuer certificate
at TLSSocket.<anonymous> (_tls_wrap.js:1103:38)
at emitNone (events.js:106:13)
at TLSSocket.emit (events.js:208:7)
at TLSSocket._finishInit (_tls_wrap.js:637:8)
at TLSWrap.ssl.onhandshakedone (_tls_wrap.js:467:38) code: 'UNABLE_TO_GET_ISSUER_CERT_LOCALLY' } ] }
(node:9540) UnhandledPromiseRejectionWarning: Unhandled promise rejection (rejection id: 2): Error: Error: unable to get local issuer cert
I see you have posted on stackexchange too
There are couple of other threads on this error
May be the certificate is not from trusted source or your company rules not allowing it
Certificate is working fine if I connect via SSL to data base. It is not working if I use it from Apache. I am using phusion passenger for Meteor
chris
(Chris Dellaway)
May 1, 2020, 1:28pm
4
This is likely a permission/access issue on /home/ec2-user/rds-combined-ca-bundle.pem
Whatever user apache/phusion is running as needs access to that file. Under a user directory this is unlikely to be the case.
@chris Thankyou for the response, I tried below fix, but still getting the same error.
I moved it to /var/www/medapp/rds-combined-ca-bundle.pem
-rwxr-xr-x 1 medappuser medappuser 43888 May 5 11:07 rds-combined-ca-bundle.pem
SetEnv MONGO_URL mongodb://:@XXXXXXXXX.docdb.amazonaws.com :27017/?ssl=true&ssl_ca_certs=/var/www/medapp/rds-combined-ca-bundle.pem&replicaSet=rs0&readPreference=secondaryPreferred&retryWrites=false
chris
(Chris Dellaway)
May 5, 2020, 12:44pm
6
Thanks a lot @chris , it is fixed now.
I am supposed to use tls=true&tlsCAFile=/var/www/covidapp/rds-combined-ca-bundle.pem instead of ssl=true&ssl_ca_certs=/var/www/medapp/rds-combined-ca-bundle.pem
2 Likes
system
(system)
Closed
November 1, 2020, 5:31am
9
This topic was automatically closed 5 days after the last reply. New replies are no longer allowed.