I'm trying to discover what critical bit of information I've overlooked in implementing SSL. I've looked at the docs, run through some tutorials, but am getting unexpected results in my dev environment.
Here are the overall steps I've taken:
---
certs:
---
* Generated my own CA
  - CN=localhost
* Generated a server cert with my own CA
  - cat my-server.crt.pem my-server.key.pem > mongodb.pem
  - CN=127.0.0.1
* Generated a client cert with my own CA
  - cat my-client.crt.pem my-client.key.pem > dbclient.pem
  - CN=127.0.0.1
---
server:
---
* Created a mongo.conf file with the following SSL options
    sslMode = requireSSL # do not permit non-SSL connections
    sslPEMKeyFile = ./ssl/mongodb.pem
    sslPEMKeyPassword = ... # password (to decrypt private key)
    sslCAFile = ./ssl/my-private-root-ca.crt.pem
>>>> mongod --config mongodb.conf
---
client
---
Added SSL to my index.js file:
    ...
    var https = require('https'),
        fs = require('fs');
    ...
    app.use(methodOverride('X-HTTP-Method-Override')); //ability to use put, etc.
    ...
    // For the moment, allowing just about everything for now for CORS origin, methods, and headers
    ...
    var config = {
        mongo: {
            host: "localhost",
            port: 27017,
            db: "test"
        }
    };
    var dbstring = "mongodb://" + config.mongo.host + ":" + config.mongo.port +
        "/" + config.mongo.db;
    var dboptions = {
        server: {
            // mongo -ssl -sslPEMKeyFile ./ssl/dbclient.pem -sslCAFile ./ssl/my-private-root-ca.crt.pem
            ssl: true,
            // sslCert: fs.readFileSync('./ssl/my-client.key.pem') also works
            sslCert: fs.readFileSync('./ssl/dbclient.pem'),
            sslKey: fs.readFileSync('./ssl/my-client.key.pem')
        }
    };
    mongoose.connect(dbstring, dboptions);
    mongoose.connection.once('open', function() {
        ...
        console.log('Secure Express server listening on port 27017...');
        app.listen(27017);
    });
>>>> node index.js
Server log says:
http request to result in ERR_CONNECTION_CLOSED and https to return collection (after cert is accepted in browser, of course)
Any suggestions as to what is missing or how I can get more information as to what is going wrong?
Much appreciated!
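
One way to get more information about a setup like the one above, as an added example that is not part of the original post: Node's built-in `tls` module can show which host names a certificate satisfies and what a handshake against the server reports. The helper names `nameMismatch` and `probe`, the `files` parameter, and the two certificate objects are hypothetical and constructed for illustration.

```javascript
// Added example, not from the original post. POST_CERT and SAN_CERT are
// constructed objects mirroring the names in the post; no real cert is parsed.
const tls = require('tls');
const fs = require('fs');

const POST_CERT = { subject: { CN: '127.0.0.1' } };   // CN as described in the post
const SAN_CERT = { subject: { CN: 'localhost' },      // hypothetical reissue with SANs
                   subjectaltname: 'DNS:localhost, IP Address:127.0.0.1' };

// Returns null when `host` is acceptable for `cert`, otherwise the reason.
function nameMismatch(host, cert) {
  const err = tls.checkServerIdentity(host, cert);
  return err ? err.message : null;
}

// Handshake with host:port and report what verification found.
// rejectUnauthorized is false only so that a failed check is reported
// instead of aborting the handshake; diagnostic use only.
function probe(host, port, files, done) {
  const socket = tls.connect({
    host: host,
    port: port,
    ca: fs.readFileSync(files.ca),
    cert: fs.readFileSync(files.cert),
    key: fs.readFileSync(files.key),
    passphrase: files.passphrase,
    rejectUnauthorized: false
  }, function () {
    const peer = socket.getPeerCertificate();
    done(null, {
      authorized: socket.authorized,
      authorizationError: socket.authorizationError || null,
      peerCN: peer.subject ? peer.subject.CN : null,
      peerSAN: peer.subjectaltname || null
    });
    socket.end();
  });
  socket.once('error', done);
}

// Name checks only; this part runs offline.
for (const host of ['localhost', '127.0.0.1']) {
  console.log(host, 'vs CN-only cert:', nameMismatch(host, POST_CERT) || 'ok');
  console.log(host, 'vs SAN cert:', nameMismatch(host, SAN_CERT) || 'ok');
}
```

With the file names from the post, the handshake check would be called as `probe('localhost', 27017, { ca: './ssl/my-private-root-ca.crt.pem', cert: './ssl/dbclient.pem', key: './ssl/my-client.key.pem' }, console.log)`. An error passed to the callback instead of a report means the TLS handshake itself did not complete on that port.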