Hello,
I am trying to migrate my Parse DB to AWS using MongoDB Cloud manager, I have setup the instances by following the tutorial "https://www.mongodb.com/migrate-from-parse-to-mongodb-cloud-manager-and-aws", I did following steps :
1. I created Replica set
2. I set the mongoDB version to 3.0.9
3. I also set the failIndexKeyTooLong=false
4. I also created the user and database
But when I am trying to configure "Authentication & Users", I am getting the following error :
"Failure dialing host after 255us. Skipping all `MongoDB Non-Blocking` tasks. Distinguished Name (DN) of Subject from SSL client certificate could not be determined. Consider setting the `sslClientCertificateSubject` property as the subject line from the following command: openssl x509 -in </path/to/cert> -subject -nameopt rfc2253 Err: Unsupported attribute type: 1.2.840.113549.1.9.1 at monitoring-agent/components/conf.go:117 at monitoring-agent/components/conf.go:78 at monitoring-agent/components/conf.go:158 at monitoring-agent/components/bus.go:362 at monitoring-agent/components/bus.go:391 at monitoring-agent/components/bus.go:337 at src/runtime/asm_amd64.s:1696"
I have created the certificates at all the three instances by using the following commands :
Step 1 : sudo openssl req -newkey rsa:2048 -new -x509 -days 365 -nodes -out mongodb-cert.crt -keyout mongodb-cert.key
Step 2 : sudo cat mongodb-cert.key mongodb-cert.crt > mongodb.pem
Kindly help me out where did I made the mistake, and how to generate the correct certificate so that It can be authenticated.
I am always getting "Network error" from Parse when I try to migrate it.
Thanks
Hi Ankit,
It has been a while since you posted this question. Were you able to resolve the problems you had with setting up SSL?
From the error message you posted it seems there is a problem with the Client Certificate DN:
Distinguished Name (DN) of Subject from SSL client certificate could not be determined.
The Client Certificate DN should contain the following attributes: Organization (O), the Organizational Unit (OU) or the Domain Component (DC) and should not match the DN of a member certificate. Please review our X509 certificate documentation for clients and our X509 certificate documentation for members. Ensure that the certificate is correctly set up for each instance. Please also review our documentation on how to enable SSL for a deployment.
Also helpful could be our Step-by-Step Parse Migration Plan Webinar.
Regards,
Markus