I am trying to connect a NodeJS server to an AWS documentDB cluster with TLS enabled. The NodeJS server is hosted on an EC2 instance and it’s on the same VPC as the documentDB cluster. But I’m getting the following error:

    { MongoServerSelectionError: unable to get local issuer certificate
        at Timeout.waitQueueMember.timer.setTimeout [as _onTimeout] (/home/ubuntu/server/node_modules/mongodb/lib/core/sdam/topology.js:438:30)
        at ontimeout (timers.js:436:11)
        at tryOnTimeout (timers.js:300:5)
        at listOnTimeout (timers.js:263:5)
        at Timer.processTimers (timers.js:223:10)
      name: 'MongoServerSelectionError',
      reason:
       TopologyDescription {
         type: 'ReplicaSetNoPrimary',
         setName: null,
         maxSetVersion: null,
         maxElectionId: null,
         servers:
          Map {
            '*******.cluster-****.us-east-1.docdb.amazonaws.com:27017' => [ServerDescription] },
         stale: false,
         compatible: true,
         compatibilityError: null,
         logicalSessionTimeoutMinutes: null,
         heartbeatFrequencyMS: 10000,
         localThresholdMS: 15,
         commonWireVersion: null } }

The error seems to be with the TLS certificate. But I’m passing the contents of rds-combined-ca-bundle.pem while connecting as shown in the following code:
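
    const fs = require("fs");
    const mongoose = require("mongoose");

    // Connection string is taken from the environment
    const uri = process.env.MONGODB_URI || process.env.Db_url;
    // Credentials (defined here but not passed to mongoose.connect below)
    const options = {
      user: "****",
      pass: "****",
    };
    mongoose.set("useCreateIndex", true);
    mongoose.connect(
      uri,
      {
        useNewUrlParser: true,
        useFindAndModify: false,
        useUnifiedTopology: true,
        // CA bundle intended to verify the DocumentDB server certificate
        sslCA: [fs.readFileSync("/home/ubuntu/rds-combined-ca-bundle.pem")],
      },
      err => {
        if (err) {
          console.log('Connection Error: ', err);
        } else {
          console.log(`Successfully Connected============`);
        }
      }
    );
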
I’ve tried connecting to the mongo cluster using mongo shell on EC2 instance using

    mongo --ssl --host *******.cluster-****.us-east-1.docdb.amazonaws.com:27017 --sslCAFile rds-combined-ca-bundle.pem --username ***** --password *****

and this is working. So, the connection to the cluster is fine, but the mongoose cannot connect.
Is there any other way to connect to documentDB using mongoose?
2 Answers
Can you add ssl: true? Something like this works for me:
What is the version of mongoose that you are using? In my project, mongoose 5.x works just fine but once it is updated to 6.x it won’t connect to the documentdb.
Note: mongoose version < 6.4.6 is considered vulnerable. https://security.snyk.io/package/npm/mongoose