Question

How to create SSL certificate on Ubuntu(22.04 (LTS) x64) droplet for Mongo?

Posted on February 14, 2023
MongoDB
Asked by dev.dark.dao

I need a certificate to connect to the MongoDB Cluster. How to create it?

Show comments

Submit an answer

This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

dev.dark.dao • February 18, 2023

Accepted Answer

I solved this problem. When I ran the code directly from Node Js, the connection was successful. When I ran the code from the Docker container, the mongoose did not connect.

You need to add the following dns config to docker compose:

version: '3'
...
  backend:
    build:
      context: .
      dockerfile: Dockerfile
    dns:
      - 8.8.8.8
      - 4.4.4.4

Mongoose connection code for DigitalOcean Mongodb Cluster

import mongoose from 'mongoose'
...
const mongoConnectionString = 'CONNECTION_STRING_FROM_DIGITAL_OCEAN_ADMIN_PANEL';
const mongoDbName = ''
const mongooseOptions = {
    user: mongoUserLogin,
    pass: mongoUserPassword,
    tls: true,
    dbName: mongoDbName,
    tlsInsecure: true,
    useUnifiedTopology: true,
    useNewUrlParser: true,
    keepAlive: true
}
mongoose.connect(mongoConnectionString, mongooseOptions)
  .then(() => {
    console.log('Mongo is connected')
  })
  .catch(error => {
    console.log('MONGO_ERROR_CONNECTION')
  })

Bobby Iliev

Site Moderator

• February 19, 2023

Hi there,

Happy to hear that you’ve got it all working! And thank you for sharing your solution here with the community!

Bobby Iliev

Site Moderator

• February 15, 2023

Hi there,

In case that you are referring to the Managed MongoDB clusters, there will be no need to generate a new SSL certificate. You will just need to make sure to use a TLS compatible MongoDB client to connect like mongo and specify the --tls flag.

For more information you can follow the docs here:

https://docs.digitalocean.com/products/databases/mongodb/how-to/connect/#connect-to-the-database

Let me know if you have any questions.

Best,

Bobby

dev.dark.dao • February 16, 2023

I’m using mongoose to connect to a database on js node side. I can connect from my computer without problems. But when I run the code on the droplet, I always get the error:

dbevent: disconnected
READYSTATE 0
MONGO_ERROR_CONNECTION
Error: querySrv ETIMEOUT _mongodb._tcp.<MY_MONGO_CLUSTER>.mongo.ondigitalocean.com
    at QueryReqWrap.onresolve [as oncomplete] (internal/dns/promises.js:174:17) {
  errno: 'ETIMEOUT',
  code: 'ETIMEOUT',
  syscall: 'querySrv',
  hostname: '_mongodb._tcp.<MY_MONGO_CLUSTER>.mongo.ondigitalocean.com'
}
dbevent: error: Error: querySrv ETIMEOUT _mongodb._tcp.<MY_MONGO_CLUSTER>.mongo.ondigitalocean.com

dev.dark.dao • February 16, 2023

Another important observation. When I connect from a droplet that is in Frankfurt to a base that is also in Frankfurt, I get an error. But when I connect from another droplet, which is in the Netherlands, the connection is successful

Bobby Iliev

Site Moderator

• February 16, 2023

Hi there!

Thank you for the additional information! This is quite interesting, what is the exact OS version on the two Droplets?

cat /etc/os-release

And also does the Node.js version on the two Droplets also match?

If possible, would you mind sharing just the connection string so I could take a quick look as well?

dev.dark.dao • February 16, 2023

Droplet which is in the Netherlands

NAME="Ubuntu"
VERSION="20.04.4 LTS (Focal Fossa)"
ID=ubuntu
ID_LIKE=debian
PRETTY_NAME="Ubuntu 20.04.4 LTS"
VERSION_ID="20.04"
HOME_URL="https://www.ubuntu.com/"
SUPPORT_URL="https://help.ubuntu.com/"
BUG_REPORT_URL="https://bugs.launchpad.net/ubuntu/"
PRIVACY_POLICY_URL="https://www.ubuntu.com/legal/terms-and-policies/privacy-policy"
VERSION_CODENAME=focal
UBUNTU_CODENAME=focal

Droplet which is in Frankfurt

PRETTY_NAME="Ubuntu 22.04.1 LTS"
NAME="Ubuntu"
VERSION_ID="22.04"
VERSION="22.04.1 LTS (Jammy Jellyfish)"
VERSION_CODENAME=jammy
ID=ubuntu
ID_LIKE=debian
HOME_URL="https://www.ubuntu.com/"
SUPPORT_URL="https://help.ubuntu.com/"
BUG_REPORT_URL="https://bugs.launchpad.net/ubuntu/"
PRIVACY_POLICY_URL="https://www.ubuntu.com/legal/terms-and-policies/privacy-policy"
UBUNTU_CODENAME=jammy

The code is run from a docker container. Node version node:12.18.1-alpine

Connection to mongodb:

const mongoose = require('mongoose')

try {
  let mongoConnectionString = `mongodb+srv://<USERNAME>:<PASSWORD>@<MY_MONGO_CLUSTER>/<DB_NAME>?tls=true&authSource=admin&replicaSet=<REPLICA_NAME>`

  const mongooseOptions = {
    user: 'USERNAME',
    pass: 'PASSWORD',
    tls: true,
    tlsInsecure: true,
    useUnifiedTopology: true,
    useNewUrlParser: true
  }

  mongoose
    .connect(mongoConnectionString, mongooseOptions)
    .then(res => {
      console.log('MONGO IS CONNECTED')
      ...
    })
    .catch(error => {
      console.log('MONGO_ERROR_CONNECTION')
      console.log(error)
    })

  mongoose.connection.on('connected', () => {
    console.log('dbevent: open')
    if (mongoose.connection.client.s.url.startsWith('mongodb+srv')) {
      console.log('SRV EXIST')
      mongoose.connection.db = mongoose.connection.client.db('DB_NAME')
    }
  })
  ...
} catch (error) {
  console.error(error)
}

dev.dark.dao • February 16, 2023

This comment has been deleted

dev.dark.dao • February 16, 2023

This comment has been deleted

dev.dark.dao • February 16, 2023

This comment has been deleted

dev.dark.dao • February 16, 2023

This comment has been deleted

dev.dark.dao • February 16, 2023

This comment has been deleted

dev.dark.dao • February 16, 2023

This comment has been deleted