MongoDB replicaset TLS/SSL
Amir Salar Pourhasan
# network interfaces
net:
port: 27017
bindIp: 10.10.20.21,5.22.25.45 # example private ip and one example valid IP
ssl:
mode: requireSSL
PEMKeyFile: /opt/mongo/mongo.pem
PEMKeyPassword: MyPassword
CAFile : /opt/mongo/CA.pem
allowInvalidCertificates: true
allowInvalidHostnames: true
security:
keyFile: /opt/mongo/mongo-keyfileE STORAGE [initandlisten] Failed to set up listener: SocketException: Cannot assign requested address
I CONTROL [initandlisten] now exiting
I CONTROL [initandlisten] shutting down with code:48
Kevin Adistambha
Hi Amir
Failed to set up listener: SocketException: Cannot assign requested address
This error means that you’re trying to bind mongod to an address the server doesn’t have.
I see a similar error message when trying to bind to some address not defined in my PC:
$ mongod --dbpath . --bind_ip 123.123.123.123
...
2018-09-25T16:30:29.531+1000 E STORAGE [initandlisten] Failed to set up listener: SocketException: Can't assign requested address
2018-09-25T16:30:29.531+1000 I CONTROL [initandlisten] now exiting
2018-09-25T16:30:29.531+1000 I CONTROL [initandlisten] shutting down with code:48
mongod will either use SSL or not use SSL (depending on the parameter e.g. requireSSL/allowSSL etc.) for all its bound IP. You cannot choose which IP use SSL and which IP don’t use SSL.
Please see Configure mongod and mongos for TLS/SSL and Upgrade a Cluster to Use TLS/SSL for instructions on how to setup SSL on an existing deployment.
If you’re still having issues, could you post your MongoDB version, your goal state, and what steps have you tried that failed to reach that goal.
Best regards,
Kevin