Create a ssl connection only for mongodb

Question

I created a ssl mongodb connection like below

    @Bean
    public MongoClientOptions mongoClientOptions() {
        System.setProperty("javax.net.ssl.trustStore","path");
        System.setProperty("javax.net.ssl.trustStorePassword","password");

        System.setProperty("javax.net.ssl.keyStore", "path");
        System.setProperty("javax.net.ssl.keyStorePassword", "password");

        MongoClientOptions.Builder builder = MongoClientOptions.builder();
        return builder.sslEnabled(true).sslInvalidHostNameAllowed(true).build();
    }

but after that other external rest calls(example - getting languages for translate api google) fails and giving below error.

Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

Anybody know how to resolve this?

score 1 · Accepted Answer · answered May 23 '18 at 14:14

1

You should not not change global properties for changing the SSL/TLS settings.

Instead create your custom SSLContext and initialize it with your trusted certificates and keys. Then generate the SSLSocketFactory from it and provide it to the MongoClientOptions.Builder via socketFactory(SocketFactory socketFactory).

For an example that creates a SSLSocketFactory this way see this answer: https://stackoverflow.com/a/15183924/150978

answered May 23 '18 at 14:14

Robert

39,162
17
99
152

Could you please tell me how do I add key to trust store? – Januka samaranyake May 23 '18 at 14:44
There is a very simple way: use [KeyStore Explorer](http://keystore-explorer.org/). – Robert May 23 '18 at 14:51

Create a ssl connection only for mongodb

1 Answers1