Cannot verify MongoDB connection with /usr/local/percona/pmm-client/mongodb_exporter error msg=“Could not connect to mongoprimary:27017. Got: x509: certificate signed by unknown authority

Hi,

We are facing issue with mongodb connection add for TLS enabled percona for mongodb server

Without TLS its working fine , but with TLS connection add its not working . Please help us to resolve this

Also ensure , below command is correct

pmm-admin add mongodb --uri mongodb://pmm_mongodb:password@mongoprimary:27017/?ssl=true&sslCAFile=/etc/mongodb/ssl/ca.pem&sslPEMKeyFile=/etc/mongodb/ssl/server.pem

Error :

[1] 18335
[2] 18336
root@mongoprimary:~# [linux:metrics] OK, already monitoring this system.
[mongodb:metrics] Error adding MongoDB metrics: cannot verify MongoDB connection with /usr/local/percona/pmm-client/mongodb_exporter --test: exit status 1: time=“2022-01-06T14:36:50Z” level=error msg=“Could not connect to mongoprimary:27017. Got: x509: certificate signed by unknown authority” source=“connection.go:117”
time=“2022-01-06T14:36:50Z” level=error msg=“Cannot connect to server using url mongodb://:@mongoprimary:27017: no reachable servers” source=“connection.go:84”
time=“2022-01-06T14:36:50Z” level=error msg=“Can’t connect to MongoDB: Cannot connect using uri: mongodb://pmm_mongodb:password@mongoprimary:27017/?” source=“mongodb_exporter.go:104”

Is this issue resolved?

Hi, the issue is related to the unquoted string that causes the shell to misinterpret the URI characters.
The proper way to add a TLS agent is as follows:

pmm-admin add mongodb --username=pmm_mongodb --password=password --tls --tls-certificate-key-file=/etc/mongodb/ssl/server.pem --tls-ca-file=/etc/mongodb/ssl/ca.pem --host=mongoprimary --port=27017