Closed jeffsue closed 4 years ago
Hmm do you know what kind of format your cert / key is in? Is it a regular rsa key? In R you can do:
library(openssl)
read_cert("yourfile.crt")
read_key("yourkey.pem")
And that should show you the key details (format, size).
[4096-bit rsa private key] md5: 1a9d299b1a330ad29df5c58ee1419fe5
The original read_key appears to work fine. The error happens when the key is being extracted from the combined cert/key encrypted file that mongolite creates.
Right, the key seems to be in a format that MacOS does not support. I'm not sure if the nodejs driver uses native macOS SSL backend or OpenSSL.
I'll try to setup a mongo ssl server to test this.
If you can create a dummy account on your server for me, that would also be really helpful.
Should be fixed in mongolite 2.2.0 (on cran now).
Environment is mac catalina OS using RStudio. Error is: Warning: [ERROR] Failed importing PEM '/var/folders/hy/vzsydqy95jx2dm6xpc16n8k40000gp/T//Rtmpp36ZlC/file14204350f86f0' (code: -25257)
I was able to connect remotely with the same cert/key files using a nodejs library, so I believe the key and certificate are valid.
The error printout comes from mongolite/src/mongoc/mongoc-secure-transport.c, line 276. The error code is an Apple security code error: errSecUnknownFormat | -25257 | Unknown format in import.
As far as I can tell, mongolite reads the key and cert, then combines them into a temp file and encrypts it. This error is being generated when it's trying to read back that file. The temp file does exist, but I can't run command line openssl functions on it because it's encrypted.