Mongocxx无法使用SSL连接到mongoDB [英] Mongocxx fails to connect to mongoDB with SSL
问题描述
我完成了以下教程( https://medium.com/@rajanmaharjan/secure-your-mongodb-connections-ssl-tls-92e2addb3c89 )来设置自签名SSL证书,以保护设备与托管mongoDB数据库的服务器之间的通信.
I completed the following tutorial (https://medium.com/@rajanmaharjan/secure-your-mongodb-connections-ssl-tls-92e2addb3c89) to set up self-signed SSL certificates to secure communications between a device and a server hosting a mongoDB database.
我可以使用以下命令从服务器和设备访问数据库:
I can access the database from the server and from the device with the following command:
mongo --ssl --sslCAFile /path/to/CA.pem --sslPEMKeyFile /path/to/mongodb.pem --host IP:port
当我尝试使用C ++程序连接到数据库时,出现段错误:
When I try to connect to the database with a C++ program, I get a seg fault:
Segmentation fault (core dumped)
GDB的输出是
Program received signal SIGSEGV, Segmentation fault.
0x0000007fb7f6d6a8 in mongocxx::v_noabi::client::client(mongocxx::v_noabi::uri const&, mongocxx::v_noabi::options::client const&) () from /usr/local/lib/libmongocxx.so._noabi
Program received signal SIGSEGV, Segmentation fault.
0x0000007fb7f6d6a8 in mongocxx::v_noabi::client::client(mongocxx::v_noabi::uri const&, mongocxx::v_noabi::options::client const&) () from /usr/local/lib/libmongocxx.so._noabi
我通过以下方式实例化连接:
I instanciate the connection with:
mongocxx::instance instance{};
mongocxx::options::ssl ssl_opts;
ssl_opts.pem_file("/path/to/mongodb.pem");
// ssl_opts.allow_invalid_certificates(false); // I have tried this
mongocxx::options::client client_opts;
client_opts.ssl_opts(ssl_opts);
auto client = mongocxx::client{mongocxx::uri{"mongodb://user:pwd@IP:port/?authMechanism=MONGODB-X509&ssl=true"}, client_opts};
并使用以下命令进行编译:
And compile with the following command:
c++ --std=c++11 main.cpp $(pkg-config --cflags --libs libmongocxx) -Wl,-rpath,/usr/local/lib
我无法解决此错误或无法在线找到解决方案,我们将不胜感激.
I have not been able to fix this error or find a solution online, any help would be much appreciated.
版本:
Mongo c-1.10.1
Mongo c - 1.10.1
Mongo cxx-3.3.0
Mongo cxx - 3.3.0
回溯:
(gdb) thread apply all bt
Thread 1 (Thread 0x7fb7ff4000 (LWP 17800)):
#0 0x0000007fb7f6d6a8 in
mongocxx::v_noabi::client::client(mongocxx::v_noabi::uri const&,
mongocxx::v_noabi::options::client const&) () from
/usr/local/lib/libmongocxx.so._noabi
#1 0x00000000004027d0 in main ()
推荐答案
存在一个已知的严重错误,并将options::ssl_opts
传递给C ++驱动程序版本3.3.0中的客户端构造函数,从而导致segfault.此问题已在3.3.1中修复.强烈建议您升级.
There's a known serious bug with passing options::ssl_opts
to the client constructor in the C++ driver version 3.3.0 causing the segfault. This is fixed in 3.3.1. It is highly recommended that you upgrade.
作为3.3.0的解决方法,您可以通过URI字符串传递pem_file选项. URI选项"sslclientcertificatekeyfile"
对应于options::ssl::pem_file
选项.例如:
As a workaround for 3.3.0, you can pass the pem_file option through the URI string. The URI option "sslclientcertificatekeyfile"
corresponds to the options::ssl::pem_file
option. E.g:
auto uri = mongocxx::uri{"mongodb://localhost/?ssl=true&sslclientcertificatekeyfile=/path/to/mongodb.pem"};
但是请尽可能升级到3.3.1.
But do upgrade to 3.3.1 if possible.
这篇关于Mongocxx无法使用SSL连接到mongoDB的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!