我已经配置了文档https://docs.mongodb.com/manual/core/security-x.509/ 中给出的MongoDB服务器,并且我使用mongo shell进行连接,它工作正常。无法使用c#中的x509证书认证连接到MongoDB服务器#
接下来我试图连接到相同的服务器形式的C#驱动程序,但超时异常引发。 下面是我的代码
var cert = new X509Certificate2(@"C:\Program Files\MongoDB\Server\3.2\ssl\client.pfx", "secretkey");
var sslcrd = MongoCredential.CreateMongoX509Credential("CN=Client1,O=School,ST=Some-State,C=IN");
settings.SslSettings = new SslSettings() ;
settings.UseSsl = true;
settings.SslSettings.ClientCertificates = new List<X509Certificate>()
{
cert
};
settings.SslSettings.EnabledSslProtocols = SslProtocols.Default;
settings.SslSettings.ClientCertificateSelectionCallback =
(sender, host, certificates, certificate, issuers) => settings.SslSettings.ClientCertificates.ToList()[0];
settings.SslSettings.ServerCertificateValidationCallback = (sender, certificate, chain, errors) => true;
settings.SslSettings.CheckCertificateRevocation = false;
settings.VerifySslCertificate = false;
settings.Credentials = new[] { sslcrd };
MongoClient client = new MongoClient(settings);
var db = client.ListDatabases().ToList();
我通过MongoDB的服务器日志去了,我能看到下面的错误
2017-04-10T11:18:21.559 + 0530我网[initandlisten]连接 接受自 127.0.0.1:53901#64(1个连接现在打开)2017-04-10T11:18:21.559 + 0530E NETWORK [conn64]否SSL证书 由peer提供;连接拒绝2017-04-10T11:18:21.560 + 0530我 NETWORK [conn64]端连接127.0.0.1:53901(0连接现在 开放)
我使用C#MongoDB.Driver版本2.3.0 和MongoDB包的版本是3.2。
如果您有解决上述问题,请回复。
嗨Mahdi, 我在Mongo服务器上面设置属性,我面临错误,“2017-04-10T16:09:33.171 + 0530我访问[conn49]无法验证CN = Client1,O = School, ST = Some-State,C = IN @ $ external with mechanism MONGODB-X509:AuthenticationFailed:没有与用户匹配的x.509客户端证书。“ –
另外在mongo shell中,我们也应该在启动时指定CA pem文件,但是在c#中我没有指定CA pem文件(我没有找到指定它的任何api),有没有指定CA文件的任何api? –