Closed swrap closed 6 years ago
Hi @swrap
This is odd - the misspelt message only adds to the weirdness!
I had a quick google and found the exact message (misspelling and all) in a Go package called cryptoengine wrapping the NaCL library - is this something you use? It's not used in mgo and I imagine the nginx module is C, so it's unlikely it's originated from there either.
Specifically mgo uses the Golang TLS implementation and doesn't do anything particularly special - we use TLS extensively (obviously!) and have no issues.
Dom
We don't proxy connections to mongo though - this might not work very well with clustering because mgo queries the connected node for a list of other nodes to talk to: say you connect to r1 and it says "there's r2 at 10.0.0.1 and r3 at 10.0.0.2 too" mgo will try and connect to them directly.
Does this work without the TLS?
Dom
@domodwyer Thank you for the help! What we found out was that it ended being a custom marshaller we used when grabbing some data from the mongo instance. Thank you for pointing at the repository, it was caused because we had invalid keys, you were a real help!
I have configured Nginx SSL Stream to act as a proxy in front of my Mongo DB.
I have tested it via the Mongo CLI -ssl option and it work flawlessly. However, when I try it with this library I have a problem once I query the mongo database. I receive the following error from a query
Could not verify the message. Message has been tempered with!
. I have scoured the internet trying to find answers, but to no avail :( It is odd because 'tempered' is misspelled, I looked in my own code thinking it was me, but it is not.For now I can go back to manually creating the certs and have mongo authenticate them, but I would rather just used an automated cert authority and keep mongo behind nginx. Any help with this problem would be awesome!
If you need help building the Nginx library please reach out, you need to include the stream modules because it is not included in the regular build.
MGO Library version:
Go Version
go version go1.10.2 linux/amd64
Mongo Go Setup Session:
Query:
NGINX Config: