Do not input private or sensitive data. View Qlik Privacy & Cookie Policy.
Skip to main content

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Announcements
Join us in NYC Sept 4th for Qlik's AI Reality Tour! Register Now
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
rg1683517879
Contributor
Contributor
‎2023-05-08 12:28 AM

Cannot connect to MongoDB using connection string with parameter tls=true&tlsInsecure=true

Hi,

I tried to connect to a mongodb using connection string with parameter tls=true&tlsInsecure=true, but I got error

   Connection failed!

    org.talend.repository.nosql.exceptions.NoSQLServerException: Cannot connect to database!

      at org.talend.repository.nosql.db.util.mongodb.MongoDBConnectionUtil.checkConnection(MongoDBConnectionUtil.java:133)

      at org.talend.repository.nosql.db.provider.mongodb.MongoDBMetadataProvider.checkConnection(MongoDBMetadataProvider.java:243)

      at org.talend.repository.nosql.ui.common.AbstractNoSQLConnForm$1$1.run(AbstractNoSQLConnForm.java:157)

      at org.eclipse.jface.operation.ModalContext$ModalContextThread.run(ModalContext.java:122)

    Caused by: com.mongodb.MongoTimeoutException: Timed out after 30000 ms while waiting to connect. Client view of cluster state is {type=UNKNOWN, servers=[{address=xxxxx, type=UNKNOWN, state=CONNECTING, exception={com.mongodb.MongoSocketWriteException: Exception sending message}, caused by {javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target}, caused by {sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target}, caused by {sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target}}]

      at com.mongodb.internal.connection.BaseCluster.getDescription(BaseCluster.java:177)

      at com.mongodb.internal.connection.SingleServerCluster.getDescription(SingleServerCluster.java:41)

      at com.mongodb.client.internal.MongoClientDelegate.getConnectedClusterDescription(MongoClientDelegate.java:127)

      at com.mongodb.client.internal.MongoClientDelegate.createClientSession(MongoClientDelegate.java:87)

      at com.mongodb.client.internal.MongoClientDelegate$DelegateOperationExecutor.getClientSession(MongoClientDelegate.java:258)

      at com.mongodb.client.internal.MongoClientDelegate$DelegateOperationExecutor.execute(MongoClientDelegate.java:162)

      at com.mongodb.client.internal.MongoIterableImpl.execute(MongoIterableImpl.java:135)

      at com.mongodb.client.internal.MongoIterableImpl.iterator(MongoIterableImpl.java:92)

      at com.mongodb.client.internal.MappingIterable.iterator(MappingIterable.java:39)

      at com.mongodb.client.internal.MappingIterable.iterator(MappingIterable.java:27)

      at org.talend.repository.nosql.db.util.mongodb.MongoDBConnectionUtil.checkConnection(MongoDBConnectionUtil.java:122)

      ... 3 more

   

0695b00000hrMlvAAE.png

Even though I can connect using the same connection string through MongoDB Compass and Python successfully as it is. Is there any way to resolve this kind of SSL error?

Any help is appreciated. Thank you.

Labels (3)
Labels
2,938 Views
0 Likes
1 Solution

Accepted Solutions
Anonymous
Not applicable
‎2023-05-08 08:36 PM

In response to rg1683517879

@Reynald Guntjoro​ ,

it should be ssl=true&sslValidate=false

instead of ssl=true&sslvalidate=false

please double check it

if it still doesn't help.

There are another 2 possible workarounds:

  1. disable the tls by setup the parameter

tls=false

2. import the mongo db certs to the jdk keystore in the file {javahome}\jre\lib\security\cacerts manually

View solution in original post

2,938 Views
0 Likes
7 Replies
Anonymous
Not applicable
‎2023-05-08 01:05 AM

Hello,

Could you please clarify in which Talend version/edition you are and what JDK version you are using?

Are you trying to connect to MongoDB through Talend Using SSl Connection?

In talend you are able to configure tSetKeyStore to use mongoclient.truststore as the TrustStore file.

 

Here is a related topic about configuring SSL connection for Mongo DB

https://community.talend.com/s/question/0D53p00007vCjCJCA0/configure-ssl-connection-for-mongo-db

Feel free to let us know if it helps.

Best regards

Sabrina

2,938 Views
0 Likes
rg1683517879
Contributor
Contributor
‎2023-05-08 01:59 AM
Author

In response to Anonymous

Hi,

Thanks for the answer.

 

The Talend Studio version I am using is 8.0.1 and the JDK version is 11.0.11

 

Yes, I am trying to connect to MongoDB with SSL connection true but without the need to provide any valid certificate. As I am able to connect to the mongodb remote host without providing any truststore or certificate through Mongo DB Compass and through python.

2,938 Views
0 Likes
Anonymous
Not applicable
‎2023-05-08 02:33 AM

In response to rg1683517879

Hello,

There is no Keystore in your location? How do you explicitly tell your Talend Job where to find the Keystore containing the certificate you want it to use? No need any certificate for this connection?

Best regard

Sabrina

 

2,938 Views
0 Likes
Anonymous
Not applicable
‎2023-05-08 02:49 AM

Hello @Reynald Guntjoro​ ,

Seems the parameter  tlsInsecure is not supported in the mongodb driver mongodb-driver-core-4.4.2

see https://jira.mongodb.org/browse/JAVA-4522

As a workaround, please add the below parameters in the mongo db connection string like

ssl=true&sslValidate=false

 

please remove the parameter tls=true&tlsInsecure=true

 

Best regards

Aiming

 

2,938 Views
0 Likes
rg1683517879
Contributor
Contributor
‎2023-05-08 05:17 AM
Author

In response to Anonymous

Hi Aiming,

Thanks for the answer.

 

I tried your suggestion and I got this warning instead:

[WARN ] 16:12:36 org.mongodb.driver.uri- Connection string contains unsupported option 'sslvalidate' and still getting the same error.

 

and for additional info, it seems that the current mongo driver in my talend studio is 4.2.3

 

com.mongodb.MongoTimeoutException: Timed out after 30000 ms while waiting to connect. Client view of cluster state is {type=UNKNOWN, servers=[{address=xxxxx, type=UNKNOWN, state=CONNECTING, exception={com.mongodb.MongoSocketWriteException: Exception sending message}, caused by {javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target}, caused by {sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target}, caused by {sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target}}]

at com.mongodb.internal.connection.BaseCluster.getDescription(BaseCluster.java:177) ~[mongodb-driver-core-4.2.3.jar:?]

at com.mongodb.internal.connection.SingleServerCluster.getDescription(SingleServerCluster.java:41) ~[mongodb-driver-core-4.2.3.jar:?]

at com.mongodb.client.internal.MongoClientDelegate.getConnectedClusterDescription(MongoClientDelegate.java:127) ~[mongodb-driver-sync-4.2.3.jar:?]

at com.mongodb.client.internal.MongoClientDelegate.createClientSession(MongoClientDelegate.java:87) ~[mongodb-driver-sync-4.2.3.jar:?]

at com.mongodb.client.internal.MongoClientDelegate$DelegateOperationExecutor.getClientSession(MongoClientDelegate.java:258) ~[mongodb-driver-sync-4.2.3.jar:?]

at com.mongodb.client.internal.MongoClientDelegate$DelegateOperationExecutor.execute(MongoClientDelegate.java:162) ~[mongodb-driver-sync-4.2.3.jar:?]

at com.mongodb.client.internal.MongoIterableImpl.execute(MongoIterableImpl.java:135) ~[mongodb-driver-sync-4.2.3.jar:?]

at com.mongodb.client.internal.MongoIterableImpl.iterator(MongoIterableImpl.java:92) ~[mongodb-driver-sync-4.2.3.jar:?]

at ptro_dev_hc_myteams.myteamsminingminervajob_0_1.myTeamsMiningMinervaJob.tMongoDBInput_1Process(myTeamsMiningMinervaJob.java:1268) [classes/:?]

at ptro_dev_hc_myteams.myteamsminingminervajob_0_1.myTeamsMiningMinervaJob.tMongoDBConnection_1Process(myTeamsMiningMinervaJob.java:521) [classes/:?]

at ptro_dev_hc_myteams.myteamsminingminervajob_0_1.myTeamsMiningMinervaJob.runJobInTOS(myTeamsMiningMinervaJob.java:2061) [classes/:?]

at ptro_dev_hc_myteams.myteamsminingminervajob_0_1.myTeamsMiningMinervaJob.main(myTeamsMiningMinervaJob.java:1759) [classes/:?]

 

Thank you

2,938 Views
0 Likes
Anonymous
Not applicable
‎2023-05-08 08:36 PM

In response to rg1683517879

@Reynald Guntjoro​ ,

it should be ssl=true&sslValidate=false

instead of ssl=true&sslvalidate=false

please double check it

if it still doesn't help.

There are another 2 possible workarounds:

  1. disable the tls by setup the parameter

tls=false

2. import the mongo db certs to the jdk keystore in the file {javahome}\jre\lib\security\cacerts manually

2,939 Views
0 Likes
rg1683517879
Contributor
Contributor
‎2023-05-09 10:31 PM
Author

In response to rg1683517879

Hi Aiming,

I copy pasted ssl=true&sslValidate=false as it is and it still gave the same warning.

Anyway, I currently use the second workaround by importing my mongodb server .cert to my truststore and use the tSetKeystore component to load the truststore file and it works perfectly fine for me.

 

Thanks for the suggestion.

 

Best,

Reynald

2,938 Views
0 Likes