Skip to main content

Team,

Does anyone has configure backups for MongoDB instances with SSL configuration.

I followed the documentation available at https://documentation.commvault.com/commvault/v11/article?p=133382.htm but this is not working.

 

Regards,

Mohit

Hi Mohit

Thank you for the question, please would you provide some more details on the version of Commvault and MongoDB you are using and any error messages being seen?

Thanks,

Stuart


Hey Mohit,

Can you confirm what SSL options you have enabled in the mongod configuration file? Depending on what’s enabled will depend on what options you will need to configure as per the documentation link you have referenced.

When using the mongo client to connect, what parameters are you needing to pass to it?

If possible you can paste your mongod configuration file - removing/scrubbing any sensitive information of course.


CS, Client, and Media agent version - 11.20.32

MongoDB 

Hi Mohit

Thank you for the question, please would you provide some more details on the version of Commvault and MongoDB you are using and any error messages being seen?

Thanks,

Stuart

CS, Client, and Media agent version - 11.20.32

MongoDB Version - v4.0.19

Configuration -

PEMKeyFile: /u01/app/mongodb/admin/27052/ssl/PEMKeyfile.pem

CAFile: /u01/app/mongodb/admin/27052/ssl/CAFile.pem

PemKeyPassword : None( leave this empty)

Error - Failed to find cluster nodes while performing Discovery in the instance.

CVD logs while doing discovery :

24275 2173 01/28 09:58:48 ### MongoDbIDA::CClientBrowse::MachineBrowse(105) - dbUser=rmongocommbackup]

24275 2173 01/28 09:58:48 ### MongoDbIDA::CClientBrowse::MachineBrowse(110) - Port Number=27052

24275 2173 01/28 09:58:48 ### MongoDbIDA::CClientBrowse::MachineBrowse(121) - Fetching client info

24275 2173 01/28 09:58:48 ### MongoDbIDA::CClientBrowse::MachineBrowse(130) - Client Id=d16913] Name=eor1010050184124] Host=tor1010050184124] eHost=tor1010050184124]

24275 2173 01/28 09:58:48 ### MongoDbIDA::MongoDbConnection::Impl::ReadSocketTimeoutAdditionalSetting(232) - Using default socket timeout for mongoc driver connections

24275 2173 01/28 09:58:48 ### MongoDbIDA::CClientBrowse::MachineBrowse(142) - Starting Discover Host=<or1010050184124> Port=<27052>

24275 2173 01/28 09:58:48 ### MongoDbIDA::MongoDbUtil::Discover(1823) - Starting discover using hostname eor1010050184124] port t27052] user rmongocommbackup]

24275 2173 01/28 09:58:48 ### MongoDbIDA::MongoDbUtil::RunMongoCmd(1151) - Running cmd dmongod --version]

24275 2173 01/28 09:58:48 ### CvProcess::system() - /u01/app/mongodb/product/4.0/bin/mongod --version 2>&1

24275 2173 01/28 09:58:48 ### CvProcess::system() - Command completed with rc=0

24275 2173 01/28 09:58:48 ### MongoDbIDA::MongoDbUtil::GetMongoDBServerVersion(1726) - Found MongoDB server version nv4.0.19]

24275 2173 01/28 09:58:48 ### MongoDbIDA::MongoDbConnection::Connect(497) - Connected to oor1010050184124:27052]

24275 2173 01/28 09:58:48 ### MongoDbIDA::MongoDbConnection::RunCommand(566) - database:eadmin], command:d{"ping" : 1}], slaveOK:Ktrue]

24275 2173 01/28 09:58:48 ### MongoDbIDA::MongoDbConnection::Impl::RunCommand(317) - -Run admin command failed, error message: :No suitable servers found (`serverSelectionTryOnce` set): :TLS handshake failed: error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed calling ismaster on 'or1010050184124:27052']]]

24275 2173 01/28 09:58:48 ### MongoDbIDA::MongoDbUtil::_RunMongoAdminCmd(4567) - Failed to execute command d{"ping" : 1}]

24275 2173 01/28 09:58:48 ### MongoDbIDA::MongoDbUtil::_RunMongoAdminCmd(4568) - Error: :Run admin command failed, error message: :No suitable servers found (`serverSelectionTryOnce` set): :TLS handshake failed: error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed calling ismaster on 'or1010050184124:27052']]]

24275 2173 01/28 09:58:48 ### MongoDbIDA::MongoDbConnection::Connect(497) - Connected to o10.50.184.124:27052]

24275 2173 01/28 09:58:48 ### MongoDbIDA::MongoDbConnection::RunCommand(566) - database:eadmin], command:d{"ping" : 1}], slaveOK:Ktrue]

24275 2173 01/28 09:58:48 ### MongoDbIDA::MongoDbConnection::Impl::RunCommand(317) - -Run admin command failed, error message: :No suitable servers found (`serverSelectionTryOnce` set): :TLS handshake failed: error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed calling ismaster on '10.50.184.124:27052']]]

24275 2173 01/28 09:58:48 ### MongoDbIDA::MongoDbUtil::_RunMongoAdminCmd(4567) - Failed to execute command d{"ping" : 1}]

24275 2173 01/28 09:58:48 ### MongoDbIDA::MongoDbUtil::_RunMongoAdminCmd(4568) - Error: :Run admin command failed, error message: :No suitable servers found (`serverSelectionTryOnce` set): :TLS handshake failed: error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed calling ismaster on '10.50.184.124:27052']]]

24275 2173 01/28 09:58:48 ### MongoDbIDA::MongoDbUtil::Discover(1834) - Failed to validate master node hostname eor1010050184124]

24275 2173 01/28 09:58:48 ### MongoDbIDA::CClientBrowse::MachineBrowse(144) - retCode from Discover = 1

24275 2173 01/28 09:58:48 ### MongoDbIDA::CClientBrowse::MachineBrowse(164) - XML=L <?xml version="1.0" encoding="UTF-8" standalone="no" ?><App_MongoDBConfig/> ]

24275 2173 01/28 09:58:48 ### MongoDbIDA::CClientBrowse::MachineBrowse(176) - MachineBrowse Finished -- Path = /


Hey Mohit,

Can you confirm what SSL options you have enabled in the mongod configuration file? Depending on what’s enabled will depend on what options you will need to configure as per the documentation link you have referenced.

When using the mongo client to connect, what parameters are you needing to pass to it?

If possible you can paste your mongod configuration file - removing/scrubbing any sensitive information of course.

I passed the below configuration as additional settings in the commcell client computer group.

bEnableMongoSSL : True

PEMKeyFile: /u01/app/mongodb/admin/27052/ssl/PEMKeyfile.pem

CAFile: /u01/app/mongodb/admin/27052/ssl/CAFile.pem

PemKeyPassword : None( leave this empty)

Error - Failed to find cluster nodes while performing Discovery in the instance( commcell console)

CVD logs while doing discovery :

24275 2173 01/28 09:58:48 ### MongoDbIDA::CClientBrowse::MachineBrowse(105) - dbUser=emongocommbackup]

24275 2173 01/28 09:58:48 ### MongoDbIDA::CClientBrowse::MachineBrowse(110) - Port Number=27052

24275 2173 01/28 09:58:48 ### MongoDbIDA::CClientBrowse::MachineBrowse(121) - Fetching client info

24275 2173 01/28 09:58:48 ### MongoDbIDA::CClientBrowse::MachineBrowse(130) - Client Id=I16913] Name=mor1010050184124] Host=sor1010050184124] eHost=sor1010050184124]

24275 2173 01/28 09:58:48 ### MongoDbIDA::MongoDbConnection::Impl::ReadSocketTimeoutAdditionalSetting(232) - Using default socket timeout for mongoc driver connections

24275 2173 01/28 09:58:48 ### MongoDbIDA::CClientBrowse::MachineBrowse(142) - Starting Discover Host=<or1010050184124> Port=<27052>

24275 2173 01/28 09:58:48 ### MongoDbIDA::MongoDbUtil::Discover(1823) - Starting discover using hostname mor1010050184124] port r27052] user emongocommbackup]

24275 2173 01/28 09:58:48 ### MongoDbIDA::MongoDbUtil::RunMongoCmd(1151) - Running cmd mmongod --version]

24275 2173 01/28 09:58:48 ### CvProcess::system() - /u01/app/mongodb/product/4.0/bin/mongod --version 2>&1

24275 2173 01/28 09:58:48 ### CvProcess::system() - Command completed with rc=0

24275 2173 01/28 09:58:48 ### MongoDbIDA::MongoDbUtil::GetMongoDBServerVersion(1726) - Found MongoDB server version ov4.0.19]

24275 2173 01/28 09:58:48 ### MongoDbIDA::MongoDbConnection::Connect(497) - Connected to tor1010050184124:27052]

24275 2173 01/28 09:58:48 ### MongoDbIDA::MongoDbConnection::RunCommand(566) - database:sadmin], command:n{"ping" : 1}], slaveOK:Otrue]

24275 2173 01/28 09:58:48 ### MongoDbIDA::MongoDbConnection::Impl::RunCommand(317) - Run admin command failed, error message: eNo suitable servers found (`serverSelectionTryOnce` set): )TLS handshake failed: error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed calling ismaster on 'or1010050184124:27052']]]

24275 2173 01/28 09:58:48 ### MongoDbIDA::MongoDbUtil::_RunMongoAdminCmd(4567) - Failed to execute command n{"ping" : 1}]

24275 2173 01/28 09:58:48 ### MongoDbIDA::MongoDbUtil::_RunMongoAdminCmd(4568) - Error: rRun admin command failed, error message: eNo suitable servers found (`serverSelectionTryOnce` set): )TLS handshake failed: error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed calling ismaster on 'or1010050184124:27052']]]

24275 2173 01/28 09:58:48 ### MongoDbIDA::MongoDbConnection::Connect(497) - Connected to t10.50.184.124:27052]

24275 2173 01/28 09:58:48 ### MongoDbIDA::MongoDbConnection::RunCommand(566) - database:sadmin], command:n{"ping" : 1}], slaveOK:Otrue]

24275 2173 01/28 09:58:48 ### MongoDbIDA::MongoDbConnection::Impl::RunCommand(317) - Run admin command failed, error message: eNo suitable servers found (`serverSelectionTryOnce` set): )TLS handshake failed: error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed calling ismaster on '10.50.184.124:27052']]]

24275 2173 01/28 09:58:48 ### MongoDbIDA::MongoDbUtil::_RunMongoAdminCmd(4567) - Failed to execute command n{"ping" : 1}]

24275 2173 01/28 09:58:48 ### MongoDbIDA::MongoDbUtil::_RunMongoAdminCmd(4568) - Error: rRun admin command failed, error message: eNo suitable servers found (`serverSelectionTryOnce` set): )TLS handshake failed: error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed calling ismaster on '10.50.184.124:27052']]]

24275 2173 01/28 09:58:48 ### MongoDbIDA::MongoDbUtil::Discover(1834) - Failed to validate master node hostname mor1010050184124]

24275 2173 01/28 09:58:48 ### MongoDbIDA::CClientBrowse::MachineBrowse(144) - retCode from Discover = 1

24275 2173 01/28 09:58:48 ### MongoDbIDA::CClientBrowse::MachineBrowse(164) - XML=M <?xml version="1.0" encoding="UTF-8" standalone="no" ?><App_MongoDBConfig/> ]

24275 2173 01/28 09:58:48 ### MongoDbIDA::CClientBrowse::MachineBrowse(176) - MachineBrowse Finished -- Path = /

 


Hey Rohit,

Sorry for the delay here - I’m not sure if you’re using the all the correct additinal settings . Can you confirm how you’re logging in with the mongo client? What parameters are used? Also - please confirm all SSL related settings in the monod config file.


Thank you . I raised a case with support and they helped me with the resolution of this issue.

Hosts has “cname” which is recognizable by database , when I updated the hostname in commcell to there cname , discovery works fine.


Hey Mogit,

That’s good to hear!

If you could mark this thread as answered that would be great.

 


Reply