mongodb-go-driver version 1.1.3 Connection problem

[srinivas kotipalli]

Hi, 

I am trying to connecto Mongodb using tls settings. I keep getting "unable to decode message length: EOF". Following are the options I am using

"mongodb://myserver:27017/mydb?tls=true&tlsCaFile=%s&tlsClientCertificateKeyFile=%s&tlsClientCertificateKeyPassword=%s"

credential := options.Credential{
   AuthMechanism: "SCRAM-SHA-1",
   AuthSource: "mydb",
}

credential.Username = "myuserid"
credential.PasswordSet = true
credential.Password = "mypassword"
clientOpts := options.Client().ApplyURI(uri).SetAuth(credential);

I know AuthSource in options is redundant, but left it there just in case...

Can somebody help please, have been struggling with this for past 3 days, trying to figure out what is wrong. With the same settings and code I am able to connect to older version of Mongodb.

pleae help!

[Divjot Arora]

Hi Srinivas,

That error occurs if the connection is closed by the server because the driver is unable to read the message header. Can you look in the server logs to see if there's anything about an attempted connection being made and why it's being closed?

[srinivas kotipalli]

Thank you for your response Divjot, the server logs are saying that ‘no certificate provided by peer; connection rejected’ 

Yet you can see that I am sending both ca certificate and key file. 

Thank you

Srini

On Dec 11, 2019, at 7:50 AM, 'Divjot Arora' via mongodb-go-driver <mongodb-...@googlegroups.com> wrote:



--
You received this message because you are subscribed to the Google Groups "mongodb-go-driver" group.
To unsubscribe from this group and stop receiving emails from it, send an email to mongodb-go-dri...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/mongodb-go-driver/a09e47de-a887-48c7-a1bc-ad39f3f31a2f%40googlegroups.com.

[Divjot Arora]

Hi,

I think this is happening because the connection string options for the certificate and password are "tlsCertificateKeyFile" and "tlsCertificateKeyFilePassword", but you're specifying "tlsClientCertificateKeyFile" and "tlsClientCertificateKeyFilePassword". Can you try changing these and seeing if it works? I tested this with another driver as well and saw that it logs a warning if an unknown URI option is specified. Unfortunately, the Go driver does not currently output any logs of its own, so this kind of issue can be confusing. Adding logging to the driver is a project on our list and I've added a note to the project to say that misspelled or unknown URI options are hard to debug without logging. Hopefully this helps!

-- Divjot

To unsubscribe from this group and stop receiving emails from it, send an email to mongodb-...@googlegroups.com.

[srinivas kotipalli]

Good point Divjot. I was trying ssl options and just replaced ssl with TLS. I made the changes as suggested. Also tried pymongo driver both are erring out wth message ‘ serverselectiontimeout error, and ultimately with ‘unable to decode message length...’

Do u think the issue is on server side?

Sent from my iPhone

On Dec 12, 2019, at 5:48 PM, 'Divjot Arora' via mongodb-go-driver <mongodb-...@googlegroups.com> wrote:



To unsubscribe from this group and stop receiving emails from it, send an email to mongodb-go-dri...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/mongodb-go-driver/3f59163a-634e-4b77-8a46-eadf842f1e37%40googlegroups.com.

[Divjot Arora]

If you're still getting the same "unable to decode message length" error after changing the connection string options, can you check the server logs again to see if they say something different this time? The issue on the driver side is that the server doesn't accept the incoming connection if there is a TLS configuration error, but it's impossible for the driver to know why this happened, so the most descriptive error we can report is "unable to decode message length". In this case, the server logs are usually the best place to look.

To view this discussion on the web visit https://groups.google.com/d/msgid/mongodb-go-driver/3f59163a-634e-4b77-8a46-eadf842f1e37%40googlegroups.com.