I'm trying to connect to MongoDB Atlas using Robo 3T.
I must be doing something wrong, cause when i'm trying to connect I get the following error message:
Failed to connect to cluster via SSL tunnel.
in details: Error: ssl connection failure: Authentication failed.
What iv'e tried so far:
Selected a "Direct connection" type.
I used my primary cluster as address (including the port number)
for Authentication I used "admin" Database, and put my username (my email) and the password of MongoDB Atlas.
I also white listed my IP address, and even set it as "allow access from anywhere", though it's not secure.
I checked "Use self-signed certificate"
Nothing I do seems to work.
Any idea what am I doing wrong?
thanks
At Atlas connections are SSL encrypted.
Go to SSL Tab in the connection settings window
Select Use SSL Protocol option
Now try connecting.
Exclude the port number in your cluster URI. :PORT. Exclude the port then use ssl and self certificate.
Related
I just setup aws rds and I'm trying to connect pgadmin to it. I put in the Endpoint and the port shown in the rds dashboard, and the username and password I set. When I try connecting, I get an error message saying: Unable to connect to server "host name" port "port" failed: timeout expired.
I also tried connecting prisma to it by running npx prisma migrate dev --name init and I also get an error saying P1001: Can't reach database server at "host name".
I made sure to set Publicly accessible to Yes, but it's still not working. What am I doing wrong and how can I fix it?
(For the settings, I used the default free tier settings.)
In the question thread, the security group is defined to accept All Traffic from all IPv6 addresses ::/0. Permission for IPv4 address should be added as well. You may want to address All Traffic for IPv4 address 0.0.0.0/0.
I am having an issue connecting to a mongoDB through SSH. I commented out the bind_ip option (and then added the authorization option). But to no avail. I even allowed the port through my firewalls. I get this error
"Cannot establish SSH Tunnel (IP:22).
Error: Failed to create a SSH channel"
It is worth mentioning I am using Robo 3T, and the first step, connecting to the server passes.
You can try this:
Select whether Compass should connect to a MongoDB cluster via an SSH tunnel, which automatically starts when you connect to MongoDB, and stops when you disconnect. If selected, choose either a password or an identity file to provide authentication.
Link: https://docs.mongodb.com/compass/master/connect/
I am not able to connect my server in MongoDB Compass. I am trying to connect by identity file. I am providing hostname username and file.
I got:
'Error creating SSH Tunnel: Timed out while waiting for forwardOut'
What does it mean?
Hi, krl! I was getting the exact same error from MongoDB Compass Community 1.11.1 while trying to connect through an SSH tunnel, with a ppk file protected by a passphrase.
Are you putting your remote server IP or domain name in the first field (hostname)? That was my mistake.
What solved it for me was setting the Hostname field (the first one on top) to localhost instead of remote server IP or domain name. Put your domain/IP only on the field SSH Hostname.
I hope it helps.
I am trying to connect AWS RDS PostgreSql from PgAdmin 3. I followed the below link
http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_ConnectToPostgreSQLInstance.html
In Security Group, I also added PostgreSQL and All traffic as below
The "publicly accessible" flag was enabled (updated after Mark B's comment)
I got the error from PGAdmin3
Very appreciate for any suggestion
******UPDATE*******
I can connect pgAdminIII to AWS RDS successfully using home wifi, but cannot connect using office wifi.
My concern is:
Was the port 5432 blocked by office wifi?
How can I configure/update the port without impacting to current API?
Note: My current API is working well (CRUD)
Can you can test your connection to a DB instance using common Linux or Windows tools first?
From a Linux or Unix terminal, you can test the connection by typing the following (replace with the endpoint and with the port of your DB instance):
$nc -zv DB-instance-endpoint port
For example, the following shows a sample command and the return value:
$nc -zv postgresql1.c6c8mn7tsdgv0.us-west-2.rds.amazonaws.com 8299
Connection to postgresql1.c6c8mn7tsdgv0.us-west-2.rds.amazonaws.com
8299 port [tcp/vvr-data] succeeded!
Windows users can use Telnet to test the connection to a DB instance. Note that Telnet actions are not supported other than for testing the connection. If a connection is successful, the action returns no message. If a connection is not successful, you receive an error message such as the following:
C:>telnet sg-postgresql1.c6c8mntzhgv0.us-west-2.rds.amazonaws.com
8299
Connecting To sg-postgresql1.c6c8mntzhgv0.us-west-2.rds.amazonaws.com...Could not
open connection to the host, on port 819: Connect failed
If Telnet actions return success, then you are good to go.
If you are trying to access it from a network which is not listed for that port. you need to add inbound rules for those network IPs from AMAZON RDS system
You will also need to set Public accessibility true under Connect & security tab in RDS console.
Read this post.In your security group go to unbound rules and add my ip.
and make sure your database is public.
https://serverfault.com/questions/656079/unable-to-connect-to-public-postgresql-rds-instance
In the course of migrating off Parse's servers before it shuts down, I'm trying to set up a simple MongoDB instance on Digital Ocean. (I'm using that instead of mLab because my needs are very limited—-a few MB of storage, a few hundred requests per week--and for that mLab's costs are pretty high.)
I've got mongod running, and have made some progress with SSL thanks to this guide using Let's Encrypt, but now I'm stuck. Parse's migration tool says, "No reachable servers," and if I try to connect on the command line like this:
mongo --ssl -u editAdmin -p "<password-here>" --host mydb.myhost.com dbname
I get this error:
MongoDB shell version: 3.2.7
connecting to: mydb.myhost.com:27017/dbname
2016-07-24T10:31:38.814-0700 E QUERY [thread1] Error: network error while attempting to run command 'isMaster' on host 'mydb.myhost.com:27017' :
connect#src/mongo/shell/mongo.js:231:14
#(connect):1:6
exception: connect failed
The server log reports:
2016-07-24T13:32:44.357-0400 I NETWORK [initandlisten] connection accepted from 12.345.67.89:33351 #39 (1 connection now open)
2016-07-24T13:32:44.390-0400 E NETWORK [conn39] no SSL certificate provided by peer; connection rejected
2016-07-24T13:32:44.390-0400 I NETWORK [conn39] end connection 12.345.67.89:33351 (0 connections now open)
So that would suggest the client needs to provide a cert, but (a) I don't know how to provide one, and (b) Parse doesn't provide that as an option so there must be some way not to.
Thanks in advance for your help.
The key error message is this one:
no SSL certificate provided by peer; connection rejected
When you enable TLS/SSL on MongoDB, MongoDB clients can now authenticate that the MongoDB server is who it claims to be by comparing the MongoDB's TLS/SSL certificate (specified by the PEMKeyFile property in the mongod.conf file) against the public Certificate Authority certificate that you provide to the MongoDB client to indicate which Certificate Authority you trust.
But what I just described is sometimes called one-way TLS, whereas, by default, MongoDB enables two-way or mutual TLS authentication. The idea behind this is that maybe the MongoDB doesn't want to accept client requests from just anyone (the way a public website might), but wants to authenticate the clients as well.
In TLS Mutual Auth, the same Certificate Authority I mentioned above will issue client certificates and the MongoDB server will check the client's certificate to make sure it really was issued by the Certificate Authority in question and that it's valid (e.g. hasn't expired).
So this error is saying "Hey, I expect my clients to present a TLS certificate, but you're not presenting anything."
The way to fix it is described at Configure mongod and mongos for TLS/SSL:
If you want to bypass validation for clients that don’t present
certificates, include the allowConnectionsWithoutCertificates run-time
option with mongod and mongos. If the client does not present a
certificate, no validation occurs. These connections, though not
validated, are still encrypted using SSL.
Of course, you can specify this in the mongod.conf file as well: https://docs.mongodb.com/manual/reference/configuration-options/#net.ssl.allowConnectionsWithoutCertificates
My preferred solution looks like this:
net:
port: 27017
bindIp: 172.0.0.1 # Set this to whatever your private IP address is
ssl:
mode: "requireSSL"
PEMKeyFile: "/path/to/tls/private/key"
CAFile: "/path/to/ca/public/cert"
disabledProtocols: "TLS1_0,TLS1_1"
allowConnectionsWithoutCertificates: true # <-- The line to add to your config
You're command is using the SSL option (and I assume Parse is doing the same) so you are trying to connect using SSL. A client must provide a cert when using SSL. https://docs.mongodb.com/manual/tutorial/configure-ssl-clients/ this link explains how to do this and also specifically mentions your issue
Just follow this tutorial, everything is there, I know that for sure cause I was following that and now I got running parse-server without any previous knowledge... I would recommend you using the MongoDB connection without SSL certificate and allow only localhost queries to it - so only the parse-server that runs on the same machine will access this DB...