1

I'm trying to connect to a local MongoDB using only a URI string over TLS. I can connect just fine using flags, but for my project's purposes I'd like to have a URI string too.

For example, the following works:

mongo mongodb://127.0.0.1:27017/dbName --tls --tlsCAFile=/path/to/ca.pem --tlsCertificateKeyFile=/path/to/key.pem

But I'd like for something like this to work:

mongo 'mongodb://127.0.0.1:27017/dbName?tls=true&tlsCAFile=/path/to/ca.pem&tlsCertificateKeyFile=/path/to/key.pem'

How do I write this URI string to get it to work for my intended purposes?

Any help is appreciated, thanks.

Emiliano Viotti
  • 1,619
  • 2
  • 16
  • 30
automated-tester
  • 11
  • 2
  • 1 - the values should be urlencoded; 2 - tlsCAFile is not allowed in mongo shell (but allowed in python client) https://stackoverflow.com/a/66511992/5670686 – salah Jul 27 '23 at 22:36

1 Answers1

0

I've figured these two variants to work the same way (this includes username and password in addition to the client certificate):

mongouri = 'mongodb://user_name:password@host.de:12345/db_name?tls=true&tlscafile=/path/to/certs/ca_cert.pem&tlscertificatekeyfile=/path/to/certs/client.pem&authSource=auth_db_name'
mongo_client = MongoClient(mongouri)

or

mongo_client = MongoClient('host.de:12345', tls=True, tlscafile='/path/to/certs/ca_cert.pem', tlscertificatekeyfile='/path/to/certs/client.pem', username='user_name', password='password', authSource='auth_db_name')

note: passwords not containing '@' make things easier ... and the case of True vs. true does matter.

andreas
  • 1
  • 1