Description:
trying to make it enable but it doesnt work!
always get
--tlsMode disabled
the cr.yaml
spec:
secrets:
keyFile: percona-keyfile
encryptionKey: percona-cluster-mongodb-encryption-key
ssl: percona-cluster-ssl
sslInternal: percona-cluster-ssl-internal
tls:
mode: requireTLS
I followed the guide from Docs to create
percona-cluster-ssl
percona-cluster-ssl-internal
tried the type tls and Opaque, nothing works.
I also tried to put these settings in configuration, but it didnt work!
this
kubectl logs -n percona deploy/psmdb-operator --tail=200 | grep -i tls
returns nothing, always.
Version:
Im on GKE, PMM 2.43.0, Server 8.8.8-3, Backup 2.9.1, Operator 1.20.1
Hello there,
I got it working by downgrading the Operator to 1.20.0, which now accepts all the modes for TLS.
But I cant seem to find a solution to set the
allowConnectionsWithoutCertificates: true
I tried
requireTLS
preferTLS
getting this error while connecting locally, and I added localhost and 127.0.0.1 in server cert as DNS and IP, like this
{
"hosts": [
"localhost",
"127.0.0.1",
"percona-cluster-rs0",
"percona-cluster-rs0.percona",
"percona-cluster-rs0.percona.svc.cluster.local",
"*.percona-cluster-rs0",
"*.percona-cluster-rs0.percona",
"*.percona-cluster-rs0.percona.svc.cluster.local"
],
"CN": "percona-cluster",
"names": [
{ "O": "PSMDB" }
],
"key": {
"algo": "rsa",
"size": 2048
}
}
the error:
Connecting to: mongodb://<credentials>@localhost:27017/admin?directConnection=true&serverSelectionTimeoutMS=2000&tls=true&tlsCAFile=%2Fetc%2Fmongodb-ssl%2Fca.crt&appName=mongosh+2.5.0 MongoServerSelectionError: connection <monitor> to 127.0.0.1:27017 closed
can somebody please help me, I also tried to put in the configuration part, but it doesnt start at all!
configuration: |
net:
bindIpAll: true
ssl:
allowConnectionsWithoutCertificates: true