我正在尝试将NodeJS服务器连接到启用TLS的AWS documentDB集群。NodeJS服务器托管在EC2示例上,并且与documentDB集群位于同一个VPC上。但我得到以下错误:
{ MongoServerSelectionError: unable to get local issuer certificate
at Timeout.waitQueueMember.timer.setTimeout [as _onTimeout] (/home/ubuntu/server/node_modules/mongodb/lib/core/sdam/topology.js:438:30)
at ontimeout (timers.js:436:11)
at tryOnTimeout (timers.js:300:5)
at listOnTimeout (timers.js:263:5)
at Timer.processTimers (timers.js:223:10)
name: 'MongoServerSelectionError',
reason:
TopologyDescription {
type: 'ReplicaSetNoPrimary',
setName: null,
maxSetVersion: null,
maxElectionId: null,
servers:
Map {
'*******.cluster-****.us-east-1.docdb.amazonaws.com:27017' => [ServerDescription] },
stale: false,
compatible: true,
compatibilityError: null,
logicalSessionTimeoutMinutes: null,
heartbeatFrequencyMS: 10000,
localThresholdMS: 15,
commonWireVersion: null } }错误似乎与TLS证书有关。但我在连接时传递rds-combined-ca-bundle.pem的内容,如以下代码所示:
uri = process.env.MONGODB_URI || process.env.Db_url;
options = {
user: "****",
pass: "****",
}
mongoose.set("useCreateIndex", true);
mongoose.connect(
uri,
{
useNewUrlParser: true,
useFindAndModify: false,
useUnifiedTopology: true,
sslCA: [fs.readFileSync("/home/ubuntu/rds-combined-ca-bundle.pem")],
},
err => {
if (err) {
console.log('Connection Error: ', err);
} else {
console.log(`Successfully Connected============`);
}
}
);我已经尝试使用以下命令在EC2示例上使用mongo shell连接到mongo集群
mongo --ssl --host *******.cluster-****.us-east-1.docdb.amazonaws.com:27017 \
--sslCAFile rds-combined-ca-bundle.pem --username ***** --password *****而且这很有效因此,到集群的连接是正常的,但 Mongoose 无法连接。
还有其他方法可以使用mongoose连接到documentDB吗?
2条答案
按热度按时间bmp9r5qi1#
可以添加SSL:真的吗?这样的事情对我来说很有效:
twh00eeo2#
您使用的mongoose版本是什么?在我的项目中, Mongoose 5号。x工作得很好,但一旦更新到6。x它不会连接到documentdb。
注: Mongoose 版本〈6。4.6被认为是脆弱的。https://security.snyk.io/package/npm/mongoose