Connecting to MongoDB Cluster using Java driver 3.2.2 with TLS and JKS

68 views
Skip to first unread message

Ehud Kafri

unread,
Jun 21, 2017, 6:01:45 PM6/21/17
to mongodb-user

When using Java – driver version 3.2.2 – I need to connect to a cluster of 3 MongoDB servers using JKS (Java Key Store).

I have 3 certificates, 1 CA root, 1 CA intermediate -sign by root - these 2 are chained, and 1 client certificate including private key.

If I try to use these certificates from the CLI I connect to Mongo and all is good, but when I create the KeyStore using the Keytool from Java I cannot connect, the handshake is broken.

Can anyone please point me to a good example of how to do this, 

Thank you

Wan Bachtiar

unread,
Jul 4, 2017, 2:08:38 AM7/4/17
to mongodb-user

Can anyone please point me to a good example of how to do this

Hi Ehud,

Could you provide an example of the Java code that you’ve tried ? Also how did you generate the keystore ?

As an example to connect to a single MongoDB with MongoDB Java driver using TLS/SSL and JKS :

System.setProperty("javax.net.ssl.trustStoreType", "jks");
System.setProperty("javax.net.ssl.trustStore", "/path/to/mongo-truststore.jks");
System.setProperty("javax.net.ssl.trustStorePassword", "password");

System.setProperty("javax.net.ssl.keyStoreType", "pkcs12");
System.setProperty("javax.net.ssl.keyStore", "/path/to/client.pkcs12");
System.setProperty("javax.net.ssl.keyStorePassword", "password");

MongoClientURI uri = new MongoClientURI("mongodb://host:port/?ssl=true");
MongoClient mongoClient = new MongoClient(uri);

See also MongoDB Java Driver Tutorials: connect to MongoDB with TLS/SSL

Regards,

Wan.

Reply all
Reply to author
Forward
0 new messages