Closed harshalna1du closed 3 years ago
Hello @harshalna1du,
I reproduced the same error here and I see we are using just "ca" and not "ca_file".
I paste bellow the comment in the code showing the parameters name for this function.
Thank you. I change the parameter to ca and I got the error
Error in path.expand(path) : invalid 'path' argument
Then I used the parameter cert instead of crl_file and I got this error
Error: OpenSSL error in asn1_check_tlen: wrong tag
I also tried using read_pem instead of read_cert and I got the error
Error in read_input(file) :
file must be connection, raw vector or file path
The mongo-sec.pem file has both the cert and an rsa key.
I'm not sure what is happening. I'd appreciate any guidance to make it work.
Hi @harshalna1du
I was experiencing a similar issue, specifically: Error: OpenSSL error in asn1_check_tlen: wrong tag
Calling openssl::read_key()
on my cert/rsa key file - mongo-sec.pem in your case - resulted in Input is a certificate. Use read_cert() to read.
To fix that, I copied the private key from my cert/rsa key file into a separate file I named key.pem. Consider doing the same and try the following parameters below:
ssl_options parameters:
ca = "C:/certs/ca-sec.pem",
cert = read_cert("C:/certs/mongo-sec.pem"),
key = read_key(“C:/certs/key.pem”) #This is the newly created key file
Thank you @JerchafliePaul.
I tried again after separating the key in a different file but I still get the error
Error in path.expand(path) : invalid 'path' argument
Here's the output of traceback()
8: path.expand(path)
7: normalizePath(ca, mustWork = TRUE)
6: ssl_options(
ca = read_cert("C:/certs/ca-sec.pem"),
cert = read_cert("C:/certs/mongo-sec.pem"),
key = read_key("C:/certs/key.pem")
)
5: serialize(params, NULL)
4: rawstringhash(x, "md5", key)
3: openssl::md5(serialize(params, NULL))
2: new_client(c(list(uri = url), options))
1: mongo(url = "mongodb://<my username>:<my password><mydomain><:port>/<mongo auth db>?ssl=true",
options = ssl_options(
ca = read_cert("C:/certs/ca-sec.pem"),
cert = read_cert("C:/certs/mongo-sec.pem"),
key = read_key("C:/certs/key.pem")
)
)
In this case the mongo-sec.pem file had both the cert and the rsa key. And the key.pem file had only the key. I also tried with mongo-sec.pem containing only the cert and not the rsa key. The result was the same.
@harshalna1du My mistake, just pass the path for the ca parameter. I edited my previous comment to reflect this change.
@GiraffeFile Thanks so much. I'm making progress but getting a new error now.
Error: No suitable servers found (
serverSelectionTryOnceset): [connection closed calling ismaster on '<ip>:<port>']
I tried setting the ssl option allow_invalid_hostname to TRUE. I also tried connecting using the the host name after updating the windows hosts file.
I can connect to mongodb using a GUI client called nosqlbooster.
Appreciate the help.
My issue is resolved and I can now connect to mongodb . The error in my last comment was because I missed the port name in copy pasting.
When I included the port name I got the following error
Error: No suitable servers found (
serverSelectionTryOnceset): [TLS handshake failed: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed calling ismaster on '<ip>:<port>']
This issue was resolved by adding the ssl option allow_invalid_hostname =TRUE. Alternatively adding the ip host name mapping to the hosts file also resolved the issue without having to use the said ssl option.
Here's the approach I finally used to connect to mongo. Hope it helps someone
library(mongolite)
con <- mongo(
url = "mongodb://<username>:<password>@<ip>:<port>/<dbname>?ssl=true",
options = ssl_options
(
ca = "<path/cert filename>",
cert = read_cert("path/ssl cert.pem"),
key = read_key("path/rsa key.pem"),
allow_invalid_hostname =TRUE
)
)
Example
library(mongolite)
con <- mongo(
url = "mongodb://misterMister:mypassword@172.x.x.0:30719/mydb?ssl=true",
options = ssl_options
(
ca = "C:/certs/ca-sec.pem",
cert = read_cert("C:/certs/mongo-sec.pem"),
key = read_key("C:/certs/key.pem"),
allow_invalid_hostname =TRUE
)
)
Appreciate the support for this super useful library.
I'm trying to connect to mongo referring to https://jeroen.github.io/mongolite/connecting-to-mongodb.html
In the mongo compass utility(that comes with mongodb), I have the following SSL settings
SSL Dropdown : Server and Client Validation Certificate Authority : C:/certs/ca-sec.pem Client Certificate: C:/certs/mongo-sec.pem Client Private Key: C:/certs/mongo-sec.pem
This works fine.
In R, I tried this but got the error - unused argument ca_file = read_cert("C:/certs/ca-sec.pem)
I tried various other combinations of options given on the page but to no avail.
I'd appreciate if someone could please point me to the right options.