Connecting to your MongoDB instance with a client certificate

Connect your MongoDB instance with a client certificate

Complete the following steps to securely connect to your MongoDB instance with a client certificate:

  1. Create a database.

  2. Create a user without a password.

  3. Generate a Certificate Signing Request (CSR).

  4. Locate your Connection string.

  5. Download your Certificate Authority (CA) file.

  6. Connect with MongoDB.

Create a database

Use the following steps to create a database.

  1. Log in to Mission Control.

  2. Select your instance.

  3. Select View more details

  4. Select the Database tab from the instance Details screen.

  5. Enter a name for your database and select the checkmark.

    _images/mongodb_cloud_database.png

Create a user

Use the following steps to create a new user.

  1. Log in to Mission Control.

  2. Select your instance.

  3. Select View more details

  4. Select the Users tab from the instance Details screen.

  5. Enter a name and role for your new user. Leave the password field blank. You can also grant the user access to a database.

    Note

    Create a database before creating a user.

  6. Select the checkmark.

    _images/mongodb_cloud_user.png

Generate a Certificate Signing Request (CSR)

Use an SSL utility such as openssl to generate a CSR.

Review the ObjectRocket API documents for more information on generating a CSR.

Locate your connection string and download your CA file

Each new ObjectRocket instance has a unique hostname and port combination.

To access your Connection string:

  1. Log in to Mission Control.

  2. Select your instance.

  3. Select View more details

  4. Select the Connect tab of the instance Details screen.

  5. View and copy your connection string.

  6. Download the CA file for your instance.

    _images/mongodb_cloud_connect.png

Connect with MongoDB

Use the following steps to connect with your MongoDB instance.

  1. Change the DBName in the connection string to the database with which you want to connect.

  2. Connect to your MongoDB instance by using the certificate files.

Note

SSL use is deprecated in MongoDB. TLS is preferred.

Note

The MongoDB client for Mac does not allow connection because of the length of the connection string.

Note

Users without a password are authorized with the $external database and with the MONGODB-X509 mechanism, so you have to add the following flags to the connection command:

–authenticationDatabase ‘$external’ –authenticationMechanism MONGODB-X509

Contact the Support team if you have any questions or need additional assistance.