Hi there !
I’m working with an image of mongodb 7.0 in docker and i wanted to add a pbm-agent on my shared replicaset cluster.
To do that i put a role and user with large access in every node Primary mongod and Config Replicaset.
However, when i add a conteneer docker with pbm in primary node rs0, it says an error “SSLHandshakeFailed” to connect with my cluster.
I use tls for my cluster and i dont want to remove it.
What can i do ? It’s my first time with Percona and i dont know if i missed an important things.
I would like to connect my pbm with tls or accept that it is a self-signed certificate.
Docker command used :
docker run --name pbm-agent-rs0 --net host --mount type=bind,src=/***/***/***/****/CA.crt,dst=/home/CA.crt,readonly=true -it --rm -e PBM_MONGODB_URI="mongodb://user:password@host:port,host:port/?authSource=admin&replSetName=rs0&tls=true&tlsCAFile=/home/CA.crt&allowInvalidCertificates=true&allowInvalidHostnames=true" percona/percona-backup-mongodb:2
Log error in pbm-agent-rs0 :
Log of destination server :
{"t":{"$date":"2025-07-04T08:35:39.361+00:00"},"s":"I", "c":"NETWORK", "id":22943, "ctx":"listener","msg":"Connection accepted",
"attr":{"remote":"**,"uuid":{"uuid":{"$uuid":"*"}},"connectionId":468504,"connectionCount":76}}
{"t":{"$date":"2025-07-04T08:35:39.363+00:00"},"s":"I", "c":"NETWORK", "id":6723804, "ctx":"conn468504","msg":"Ingress TLS handshake complete","attr":{"durationMillis":2}}
{"t":{"$date":"2025-07-04T08:35:39.363+00:00"},"s":"W", "c":"NETWORK", "id":23234, "ctx":"conn468504","msg":"No SSL certificate provided by peer"}
{"t":{"$date":"2025-07-04T08:35:39.363+00:00"},"s":"I", "c":"NETWORK", "id":22944, "ctx":"conn468504","msg":"Connection ended"
Thanks you