Unsupported certificate purpose

Hello,
I have a 3 node replica set configured on AWS EC2 instances. I’m trying to connect to it from an ECS container via mongoose. However, the container keeps crashing because of this error:

MongooseServerSelectionError: unsupported certificate purpose

My client certificate’s extended key usage is clientAuth and I’ve tried adding serverAuth as well, with no change in the error. I’ve also tried removing extended key usage entirely to no avail. Key usage is set to digitalSignature. I followed the guidelines in the docs for these settings.

Here is how I’m attempting the connection:

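const mongoose = require('mongoose');

// DB_USER and DB_PASSWORD are set elsewhere (not shown in the post).
mongoose.connect(
  `mongodb://${DB_USER}:${DB_PASSWORD}@${'mongodb1.lgbtqhealthdirectory.org'}/healthdir`,
  {
    useNewUrlParser: true,
    useUnifiedTopology: true,
    useFindAndModify: false,
    authSource: 'admin',
    // replicaSet: 'rs0',
    tls: true,
    // Client certificate and private key presented to the server.
    tlsCertificateKeyFile: 'certs/api.pem',
    // CA used to validate the certificate the server presents.
    tlsCAFile: 'certs/mongoCA.crt',
  }
);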

I’m just connecting to the primary for now while I’m troubleshooting the certificate problem - normally I pass in the list of replica hosts as a variable.

Does anyone have any tips on how to get past this error? Let me know if there’s any additional information I could provide for further troubleshooting.
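Added example, not part of the original post: in a Node.js TLS client, "unsupported certificate purpose" is OpenSSL's verification result for the chain the server presents, so it helps to check the extended key usage of the server and CA certificates as well as the client one. The script name `check-eku.js` and the functions `checkPurpose` and `checkChain` are hypothetical names chosen for this sketch; it relies on Node's `X509Certificate.keyUsage`, which lists extended key usage OIDs.

```javascript
// Added diagnostic example (not from the original post).
const { X509Certificate } = require('crypto');
const fs = require('fs');

// Extended key usage OIDs from RFC 5280.
const EKU = {
  server: '1.3.6.1.5.5.7.3.1', // id-kp-serverAuth
  client: '1.3.6.1.5.5.7.3.2', // id-kp-clientAuth
};

// cert: any object with a `keyUsage` array of EKU OIDs (undefined when the
// extension is absent), which is the shape X509Certificate exposes.
// role: the role the certificate plays in the handshake, 'server' or 'client'.
function checkPurpose(cert, role) {
  const wanted = EKU[role];
  if (!wanted) throw new Error(`unknown role: ${role}`);
  const ekus = cert.keyUsage || [];
  if (ekus.length === 0) {
    return { ok: true, reason: 'no extendedKeyUsage extension, purpose unrestricted' };
  }
  if (ekus.includes(wanted)) {
    return { ok: true, reason: `extendedKeyUsage includes ${wanted}` };
  }
  return { ok: false, reason: `extendedKeyUsage is [${ekus.join(', ')}], missing ${wanted}` };
}

// Check every certificate of a chain against the same role. OpenSSL also
// applies the purpose check to CA certificates that carry an EKU extension.
function checkChain(chain, role) {
  return chain.map((cert) => ({ subject: cert.subject, ...checkPurpose(cert, role) }));
}

// Usage: node check-eku.js <server|client> <cert.pem> [more.pem ...]
if (process.argv.length > 3 && EKU[process.argv[2]]) {
  const [role, ...files] = process.argv.slice(2);
  const chain = files.map((f) => new X509Certificate(fs.readFileSync(f)));
  for (const r of checkChain(chain, role)) {
    console.log(`${r.ok ? 'OK  ' : 'FAIL'} ${r.subject.replace(/\n/g, ', ')}: ${r.reason}`);
  }
}
```

Run it with `server` against the certificate file configured on the mongod host together with the CA file, and with `client` against the client certificate; any `FAIL` line names the certificate whose extended key usage excludes that role.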