Question

DO Managed MongoDB database - connectivity issue using the CA certificate with Studio 3T Intellishell

Have setup a MongoDB and can successfully connect to it (MacOS - Big Sur) using terminal and Studio 3T.

But when I use Intellishell, i get the following error

MongoDB shell version v4.0.20
2022-03-10T11:27:27.522+1030 E NETWORK  [js] SSL peer certificate validation failed: Certificate trust failure: CSSMERR_TP_CERT_SUSPENDED; connection rejected
2022-03-10T11:27:27.523+1030 E QUERY    [js] Error: couldn't connect to server managed-mongo-databases-b8a6a403.mongo.ondigitalocean.com:27017, connection attempt failed: SSLHandshakeFailed: SSL peer certificate validation failed: Certificate trust failure: CSSMERR_TP_CERT_SUSPENDED; connection rejected :
@(shell):1:6

Seems like the issue has to do with macOS [https://support.apple.com/en-us/HT210176](apple support)

  • TLS server certificates and issuing CAs using RSA keys must use key sizes greater than or equal to 2048 bits. Certificates using RSA key sizes smaller than 2048 bits are no longer trusted for TLS.
  • TLS server certificates and issuing CAs must use a hash algorithm from the SHA-2 family in the signature algorithm. SHA-1 signed certificates are no longer trusted for TLS.
  • TLS server certificates must present the DNS name of the server in the Subject Alternative Name extension of the certificate. DNS names in the CommonName of a certificate are no longer trusted.Item

Any ideas?


Submit an answer

This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer