Mongocxx and SSL problems

I have a MongoDB that is hosted on AWS, that I can successfully connect to with SSL via Studio3T using a self signed CA file and PEM file generated following the instructions in Appendix A, B, and C in the MongoDB Manual, however when I use the exact same setup for trying to connect via Mongocxx (CA file, PEM file, SCRAM-SHA-256, etc.) I continuously get the error stating “No suitable servers found: serverselectiontimeoutms timed out: [TLS handshake failed calling ismaster”. I have tried numerous versions of Mongocxx, but my latest attempt is with Mongocxx 3.4.1 and we’re running MongoDB 4.0 on the server. Does anyone have this working in Mongocxx? Can you share the setup you are using on both server and client to get a successful connection?

My current attempts via Mongocxx look like below. The username/password and domain name shown in the code are not valid, for security reasons. See anything I’m doing wrong?

    mongocxx::uri uri1{ "mongodb://username:password@host.com:27017/?ssl=true&serverSelectionTryOnce=false&serverSelectionTimeoutMS=15000&connectTimeoutMS=10000&authSource=admin&authMechanism=SCRAM-SHA-256" };
    mongocxx::options::client client_options;
    mongocxx::options::ssl ssl_options;

    ssl_options.allow_invalid_certificates(true);
    ssl_options.ca_file("C:\\mojo\\applications\\bin\\database\\local_4.0\\test-ca.pem");
    ssl_options.pem_file("C:\\mojo\\applications\\bin\\database\\local_4.0\\test-client.pem");
    client_options.ssl_opts(ssl_options);

    auto conn = mongocxx::client{ uri1, client_options };
    mongocxx::database db = conn["test"];
    mongocxx::collection events = db["events"];

    bsoncxx::builder::basic::document server_status{};
    server_status.append(bsoncxx::builder::basic::kvp("serverStatus", 1));
    bsoncxx::document::value output = conn["test"].run_command(server_status.extract());

Everything runs without error until I execute the “run_command” which returns with the error I mentioned above. Any help would be greatly appreciated! Thanks!

Hi @Mark_Muench,

I’m not sure off-hand what the issue is, but I have a few questions:

  1. What version of the C driver are you using?
  2. What platform are you running the driver on?
  3. To confirm, are these the manual instructions you are referring to? https://docs.mongodb.com/manual/appendix/security/appendixA-openssl-ca/
  4. Are you able to connect using the same URI with another MongoDB driver or the shell?

Best,
Kevin

Kevin,

Thanks so much for your reply! Here’s my answers to your questions:

  1. We are using MongoDB 4.0 and I have tried several versions of Mongocxx, but the latest attempt is with Mongocxx 3.4.1.
  2. Windows 10
  3. Yes those are the instructions I’m referring to.
  4. We can successfully connect to the AWS DB iwth Studio3T, Robo3T, and Compass, but never with Mongocxx.

Thanks again for your help with this!

Mark