Closed bjori closed 9 years ago
clusterAuthMode needs to be stripped out when creating the initial user :]
{ "name": "mongod", "id" : "STANDALONE-X509", "auth_key": "secret", "login": "root", "password": "toor", "procParams": { "dbpath": "/tmp/standalone-x509/", "ipv6": true, "logappend": true, "logpath": "/tmp/standalone-x509/m.log", "journal": true, "port": 2300, "setParameter": {"enableTestCommands": 1} }, "sslParams": { "clusterAuthMode": "x509", "sslMode": "requireSSL", "sslCAFile": "/phongo/scripts/ssl/ca.pem", "sslPEMKeyFile": "/phongo/scripts/ssl/server.pem", "sslWeakCertificateValidation": true } }
results in:
2014-12-19T10:27:52.220-0800 [conn1] end connection 192.168.112.10:54698 (1 connection now open) 2014-12-19T10:27:52.228-0800 [conn2] warning: no SSL certificate provided by peer 2014-12-19T10:27:52.231-0800 [initandlisten] connection accepted from 192.168.112.10:54700 #3 (2 connections now open) 2014-12-19T10:27:52.232-0800 [conn2] end connection 192.168.112.10:54699 (1 connection now open) 2014-12-19T10:27:52.238-0800 [conn3] warning: no SSL certificate provided by peer 2014-12-19T10:27:52.239-0800 [conn3] Unauthorized not authorized on admin to execute command { usersInfo: "root" } 2014-12-19T10:27:52.240-0800 [conn3] Unauthorized not authorized on admin to execute command { createUser: "root", pwd: "xxx", digestPassword: false, roles: [ "__system", "clusterAdmin", "dbAdminAnyDatabase", "readWriteAnyDatabase", "userAdminAnyDatabase" ], writeConcern: { fsync: true } } 2014-12-19T10:27:52.241-0800 [signalProcessingThread] got signal 15 (Terminated), will terminate after current cmd ends 2014-12-19T10:27:52.241-0800 [conn3] end connection 192.168.112.10:54700 (0 connections now open)
resolved in 9aa35e28487ce87da61996a25c9dccbf1367ee98
clusterAuthMode needs to be stripped out when creating the initial user :]
results in:
2014-12-19T10:27:52.220-0800 [conn1] end connection 192.168.112.10:54698 (1 connection now open) 2014-12-19T10:27:52.228-0800 [conn2] warning: no SSL certificate provided by peer 2014-12-19T10:27:52.231-0800 [initandlisten] connection accepted from 192.168.112.10:54700 #3 (2 connections now open) 2014-12-19T10:27:52.232-0800 [conn2] end connection 192.168.112.10:54699 (1 connection now open) 2014-12-19T10:27:52.238-0800 [conn3] warning: no SSL certificate provided by peer 2014-12-19T10:27:52.239-0800 [conn3] Unauthorized not authorized on admin to execute command { usersInfo: "root" } 2014-12-19T10:27:52.240-0800 [conn3] Unauthorized not authorized on admin to execute command { createUser: "root", pwd: "xxx", digestPassword: false, roles: [ "__system", "clusterAdmin", "dbAdminAnyDatabase", "readWriteAnyDatabase", "userAdminAnyDatabase" ], writeConcern: { fsync: true } } 2014-12-19T10:27:52.241-0800 [signalProcessingThread] got signal 15 (Terminated), will terminate after current cmd ends 2014-12-19T10:27:52.241-0800 [conn3] end connection 192.168.112.10:54700 (0 connections now open)