Grails: how to access mongodb via SSL
I wrote a grails 3.3 + mongo 4.0.4 app but in production the mongo server only accepts connections via SSL (self signed cert). I haven't found anywhere documentation on how to configure GORM for mongo (http://gorm.grails.org/latest/mongodb/manual/). There is an option (sslEnabled and I assume I should use the socketFactory) for using SSL enabled connections in grails but I'm not sure how to configure the connection
mongodb ssl grails
asked Nov 14 '18 at 10:57
Nick De GreekNick De Greek
9251914
add a comment |
I wrote a grails 3.3 + mongo 4.0.4 app but in production the mongo server only accepts connections via SSL (self signed cert). I haven't found anywhere documentation on how to configure GORM for mongo (http://gorm.grails.org/latest/mongodb/manual/). There is an option (sslEnabled and I assume I should use the socketFactory) for using SSL enabled connections in grails but I'm not sure how to configure the connection
mongodb ssl grails
asked Nov 14 '18 at 10:57
Nick De GreekNick De Greek
9251914
Using what with Grails exactly? GORM? Or just the plain Java Driver?
– Neil Lunn
Nov 14 '18 at 10:58
You're absolutely right, I wasn't clear. I'm editing my question now
– Nick De Greek
Nov 14 '18 at 13:43
add a comment |
I wrote a grails 3.3 + mongo 4.0.4 app but in production the mongo server only accepts connections via SSL (self signed cert). I haven't found anywhere documentation on how to configure GORM for mongo (http://gorm.grails.org/latest/mongodb/manual/). There is an option (sslEnabled and I assume I should use the socketFactory) for using SSL enabled connections in grails but I'm not sure how to configure the connection
mongodb ssl grails
asked Nov 14 '18 at 10:57
Nick De GreekNick De Greek
9251914
I wrote a grails 3.3 + mongo 4.0.4 app but in production the mongo server only accepts connections via SSL (self signed cert). I haven't found anywhere documentation on how to configure GORM for mongo (http://gorm.grails.org/latest/mongodb/manual/). There is an option (sslEnabled and I assume I should use the socketFactory) for using SSL enabled connections in grails but I'm not sure how to configure the connection
mongodb ssl grails
mongodb ssl grails
asked Nov 14 '18 at 10:57
Nick De GreekNick De Greek
9251914
asked Nov 14 '18 at 10:57
Nick De GreekNick De Greek
9251914
edited Nov 14 '18 at 13:47
Nick De Greek
asked Nov 14 '18 at 10:57
Nick De GreekNick De Greek
9251914
asked Nov 14 '18 at 10:57
Nick De GreekNick De Greek
9251914
asked Nov 14 '18 at 10:57
Nick De GreekNick De Greek
9251914
9251914
Using what with Grails exactly? GORM? Or just the plain Java Driver?
– Neil Lunn
Nov 14 '18 at 10:58
You're absolutely right, I wasn't clear. I'm editing my question now
– Nick De Greek
Nov 14 '18 at 13:43
add a comment |
Using what with Grails exactly? GORM? Or just the plain Java Driver?
– Neil Lunn
Nov 14 '18 at 10:58
You're absolutely right, I wasn't clear. I'm editing my question now
– Nick De Greek
Nov 14 '18 at 13:43
Using what with Grails exactly? GORM? Or just the plain Java Driver?
– Neil Lunn
Nov 14 '18 at 10:58
Using what with Grails exactly? GORM? Or just the plain Java Driver?
– Neil Lunn
Nov 14 '18 at 10:58
You're absolutely right, I wasn't clear. I'm editing my question now
– Nick De Greek
Nov 14 '18 at 13:43
You're absolutely right, I wasn't clear. I'm editing my question now
– Nick De Greek
Nov 14 '18 at 13:43
add a comment |
1 Answer
1
active
oldest
votes
To whom it has the exact same issue with me, I still don't have a proper way of connecting to a mongodb from grails directly using SSL. The indirect solution that I've found is to deploy on the machine that runs grails a mongos client (mongo sharding client) enable SSL in order to connect to the database but leave the local connection without encryption. Thus, I can access the remote database securely via SSL but still connect using clear connection between mongos and grails. The mongos config should look like this:
net:
ssl:
mode: preferSSL
PEMKeyFile: /installDir/cert.pem
CAFile: /installDir/chain.pem
clusterFile: /installDir/cert.pem
port: 27017
bindIp: 0.0.0.0
security:
clusterAuthMode: x509
The preferSSL allows mongos to connect using SSL to the database and still allow the grails app to connect cleartext to mongos
answered Dec 6 '18 at 15:56
Nick De GreekNick De Greek
9251914
add a comment |
Your Answer
StackExchange.ifUsing("editor", function ()
StackExchange.using("externalEditor", function ()
StackExchange.using("snippets", function ()
StackExchange.snippets.init();
);
);
, "code-snippets");
StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "1"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);
else
createEditor();
);
function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader:
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
,
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);
);
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53298584%2fgrails-how-to-access-mongodb-via-ssl%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
To whom it has the exact same issue with me, I still don't have a proper way of connecting to a mongodb from grails directly using SSL. The indirect solution that I've found is to deploy on the machine that runs grails a mongos client (mongo sharding client) enable SSL in order to connect to the database but leave the local connection without encryption. Thus, I can access the remote database securely via SSL but still connect using clear connection between mongos and grails. The mongos config should look like this:
net:
ssl:
mode: preferSSL
PEMKeyFile: /installDir/cert.pem
CAFile: /installDir/chain.pem
clusterFile: /installDir/cert.pem
port: 27017
bindIp: 0.0.0.0
security:
clusterAuthMode: x509
The preferSSL allows mongos to connect using SSL to the database and still allow the grails app to connect cleartext to mongos
answered Dec 6 '18 at 15:56
Nick De GreekNick De Greek
9251914
add a comment |
To whom it has the exact same issue with me, I still don't have a proper way of connecting to a mongodb from grails directly using SSL. The indirect solution that I've found is to deploy on the machine that runs grails a mongos client (mongo sharding client) enable SSL in order to connect to the database but leave the local connection without encryption. Thus, I can access the remote database securely via SSL but still connect using clear connection between mongos and grails. The mongos config should look like this:
net:
ssl:
mode: preferSSL
PEMKeyFile: /installDir/cert.pem
CAFile: /installDir/chain.pem
clusterFile: /installDir/cert.pem
port: 27017
bindIp: 0.0.0.0
security:
clusterAuthMode: x509
The preferSSL allows mongos to connect using SSL to the database and still allow the grails app to connect cleartext to mongos
answered Dec 6 '18 at 15:56
Nick De GreekNick De Greek
9251914
add a comment |
To whom it has the exact same issue with me, I still don't have a proper way of connecting to a mongodb from grails directly using SSL. The indirect solution that I've found is to deploy on the machine that runs grails a mongos client (mongo sharding client) enable SSL in order to connect to the database but leave the local connection without encryption. Thus, I can access the remote database securely via SSL but still connect using clear connection between mongos and grails. The mongos config should look like this:
net:
ssl:
mode: preferSSL
PEMKeyFile: /installDir/cert.pem
CAFile: /installDir/chain.pem
clusterFile: /installDir/cert.pem
port: 27017
bindIp: 0.0.0.0
security:
clusterAuthMode: x509
The preferSSL allows mongos to connect using SSL to the database and still allow the grails app to connect cleartext to mongos
answered Dec 6 '18 at 15:56
Nick De GreekNick De Greek
9251914
To whom it has the exact same issue with me, I still don't have a proper way of connecting to a mongodb from grails directly using SSL. The indirect solution that I've found is to deploy on the machine that runs grails a mongos client (mongo sharding client) enable SSL in order to connect to the database but leave the local connection without encryption. Thus, I can access the remote database securely via SSL but still connect using clear connection between mongos and grails. The mongos config should look like this:
net:
ssl:
mode: preferSSL
PEMKeyFile: /installDir/cert.pem
CAFile: /installDir/chain.pem
clusterFile: /installDir/cert.pem
port: 27017
bindIp: 0.0.0.0
security:
clusterAuthMode: x509
The preferSSL allows mongos to connect using SSL to the database and still allow the grails app to connect cleartext to mongos
answered Dec 6 '18 at 15:56
Nick De GreekNick De Greek
9251914
answered Dec 6 '18 at 15:56
Nick De GreekNick De Greek
9251914
answered Dec 6 '18 at 15:56
Nick De GreekNick De Greek
9251914
answered Dec 6 '18 at 15:56
Nick De GreekNick De Greek
9251914
9251914
add a comment |
add a comment |
Thanks for contributing an answer to Stack Overflow!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53298584%2fgrails-how-to-access-mongodb-via-ssl%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Using what with Grails exactly? GORM? Or just the plain Java Driver?
– Neil Lunn
Nov 14 '18 at 10:58
You're absolutely right, I wasn't clear. I'm editing my question now
– Nick De Greek
Nov 14 '18 at 13:43