TLS issue #219
Comments
|
Hey,
There have been changes on MongoDB Atlas’ certificates. Could this relate maybe to your problem ?
I quote from an email I received from MongoDB:
„ new TLS certificates created by MongoDB Atlas will use ISRG as its root instead of IdenTrust as of May 1, 2021. This change is in line with the transition made by Let’s Encrypt, the Certificate Authority (CA) used by MongoDB Atlas to issue TLS certificates for all Atlas clusters. Project owners in your organization should have received notification of this change in October 2020, with subsequent reminders sent in March and April 2021.
Atlas uses TLS to ensure that all network traffic to and from the cluster is encrypted. Atlas cluster certificates are rotated every 45 days, so your cluster will move from the IdenTrust to the ISRG root between May 1, 2021 and July 1, 2021.“
Best, Severin
… Am 20.05.2021 um 19:50 schrieb Karakaii ***@***.***>:
Hello,
I used to use mongolite to access my MongoDB Atlas databases. However, one day, I just started getting this error whenever I try to access my database.
> players <- mongo("players", url = uri)$find(
+ fields='{}'
+ )
Error: No suitable servers found (`serverSelectionTryOnce` set): [TLS handshake failed: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed calling ismaster on 'XXXX:27017'] [TLS handshake failed: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed calling ismaster on 'XXXX:27017'] [TLS handshake failed: error:1416F086:SSL routines:tls_process_server_c
(I have replaced the name of my cluster with XXXX).
I have mongolite version 2.3.1. I also tried by installing the GitHub version. I tried updating all my packages. I tried reinstalling my packages, reinstalling R and R Studio. I tried on VPN and on my own wifi connection. I am on Windows 1, R version 4.1.0., R Studio Version 1.4.1106.
I know someone else on Windows who can use mongolite to access the database. I can't seem to find a solution to this problem. Could you help me, please?
—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub, or unsubscribe.
|
|
Hi @herrseverin, If it was about the certificates, is there a solution on the mongolite side? Or would I have to change the certificates on my MongoDB Atlas cluster? |
|
Are your colleagues using the same version of mongolite on Windows? Perhaps there is an issue with your Windows certificate settings. Have you installed the latest Windows updates? As a workaround perhaps you can disable cert validation: m <- mongo(......, options = ssl_options(weak_cert_validation = T))This topic suggests some versions of Windows are missing the new ISRG cert, however I would guess most of your websites don't work if that really is the caase. But you could try fixes from there as well: https://community.letsencrypt.org/t/isrg-root-lazy-loading-problem-missing-from-random-updated-windows-10-versions/141550/4 |
|
Thank you so much for your answer @jeroen. I have updated my windows, and I still have the same issues. However, your solution with the |
|
Setting weak_cert_validation = T did not reliably fix it for me. I don't think it is related to weak certificates. The MongoDB server certificate validates running this code: > packageVersion('openssl')
[1] ‘1.4.3’
> library(openssl)
> cert <- download_ssl_cert("XXX", 1234)
> cert_verify(cert, ca_bundle())
[1] TRUE
> print(cert)
[[1]]
[x509 certificate] *.xxxxx
md5: xxxxx
sha1: xxxxx
[[2]]
[x509 certificate] xxx
md5: xxxxx
sha1: xxxxx
> as.list(cert[[1]])
$subject
[1] "CN=*.xxxxx"
$issuer
[1] "CN=R3,O=Let's Encrypt,C=US"
$algorithm
[1] "sha256WithRSAEncryption"
$signature
[xxx]
$validity
[1] "xxxxx" "xxxxx"
$self_signed
[1] FALSE
$alt_names
[1] "*.xxx" "*.xxx"
[3] "*.xxx"
$pubkey
[4096-bit rsa public key]
md5: xxxxxxx
|
|
What does work for me is adding i.e., I suspect the call to
|
|
Please try again with mongolite 2.4.1 or newer |
|
Hello! I have tried everything on this issue, I have the next error in RStudio: I have tried:
But nothing works, any ideas? Thank you! |
|
@vane2890
|
|
Following this as I also have the same issue on my local development setup. |
|
I seem to have met the same error. When trying to connect to my mongodb atlas cloud database, using this command: I receive: I am able to connect using pymongo and MongoDB Compass using the same username/password and clustername. Any other ideas would be appreciated! |
|
@JulianUmbhau which operating system are you on? Does this work for you? library(mongolite)
example(mongo) |
|
@jeroen I am running Windows10 Home (Version 10.0.19044 Build 19044) |
Hello,
I used to use mongolite to access my MongoDB Atlas databases. However, one day, I just started getting this error whenever I try to access my database.
(I have replaced the name of my cluster with XXXX).
I have mongolite version 2.3.1. I also tried by installing the GitHub version. I tried updating all my packages. I tried reinstalling my packages, reinstalling R and R Studio. I tried on VPN and on my own wifi connection. I am on Windows 1, R version 4.1.0., R Studio Version 1.4.1106.
I know someone else on Windows who can use mongolite to access the database. I can't seem to find a solution to this problem. Could you help me, please?
The text was updated successfully, but these errors were encountered: