Configuring TLS for Percona mongodb sharding setup

I tried to setup TLS authentication for my sharded cluster. Created a secret with base64 encoded cert keys. The encoded certs are in format of ca.crt tls.crt and tls.key

apiVersion: v1
ca.crt: XXXXXX
tls.crt: XXXXXX
tls.key: XXXXXX
kind: Secret
name: my-testdb-psmdb-mongo
namespace: percona-operator

And mentioned in cluster.yaml

ssl: my-testdb-psmdb-mongo
sslInternal: my-testdb-psmdb-mongo

in cfg-

QUERY [js] uncaught exception: TypeError: db.isMaster(…).$configServerState is undefined :
@(shell eval):1:1

  •    [main] exiting with code -4
  • exit_status=0
    Exit: connect to PBM: create mongo connection: create mongo client: tls: private key does not match public key
  1. What should be certificate format included in secret?
  2. Is there any extended cert configuration so that we can add our own cluster issuer like venafi
1 Like

Any updates on this?

1 Like