Solved: Configure SSL connection for Mongo DB - Qlik Community

Anonymous · ‎2019-07-29

Hi There,

We need to connect to MongoDB through Talend Using SSl Connection.

We have the Certificate, Certificate Authority and Private key files. But not sure how to use it in Talend.

Can anybody please help us with this.

Regards,

Apoorv Jain

Anonymous · ‎2019-07-31

Hi Sabrina,

Thanks for your reply, I was able to resolve this by following the below steps:

Step 1: Generate P12 keystore by using Mongodb Client Certificate and client private key:

openssl pkcs12 -export -name mongo_clientcert -in mongo-certificate -inkey client-private-key -out mongoclientkeystore.p12

Step 2: Convert P12 keystore to jks key store:

keytool -importkeystore -destkeystore mongoclient.keystore -srckeystore mongoclientkeystore.p12 -srcstoretype pkcs12 -alias mongo_clientcert

Step 3: Add the Certifying authority certificate and Mongo Client certificate to the truststore:

keytool -import -alias server-cert -file cacert -keystore mongoclient.truststore
keytool -import -alias client-cert -file mongo-certificate -keystore mongoclient.truststore

I then configured tSetKeyStore to use mongoclient.truststore as the TrustStore file and checked Need Client Authentication checkbox and used mongoclient.keystore generated in step 2 as the KeyStore.

The below link was very helpful in understanding the SSL certificate setup:
https://unix.stackexchange.com/questions/347116/how-to-create-keystore-and-truststore-using-self-sig...

Thanks and Regards,

Apoorv Jain

View solution in original post

Anonymous · ‎2019-07-31

Hello,

Is your mongodb-cert.crt the public self-signed certificate? If not, you could generate a JKS truststore using keytool :

keytool -importcert -file mongodb-cert.crt -keystore keystore.jks -alias "MONGODB"

In talend studio, you can use the tSetKeyStore component to load SSL configuration and point the ''TrustStore File" to your generated trust store.

tSetKeyStore-->onsubjobok-->tMongoDBConnection-->onsubjobok-->tMongoDBInput-->further processing.

Best regards

Sabrina

Anonymous · ‎2019-07-31

Hi Sabrina,

Thanks for your reply, I was able to resolve this by following the below steps:

Step 1: Generate P12 keystore by using Mongodb Client Certificate and client private key:

openssl pkcs12 -export -name mongo_clientcert -in mongo-certificate -inkey client-private-key -out mongoclientkeystore.p12

Step 2: Convert P12 keystore to jks key store:

keytool -importkeystore -destkeystore mongoclient.keystore -srckeystore mongoclientkeystore.p12 -srcstoretype pkcs12 -alias mongo_clientcert

Step 3: Add the Certifying authority certificate and Mongo Client certificate to the truststore:

keytool -import -alias server-cert -file cacert -keystore mongoclient.truststore
keytool -import -alias client-cert -file mongo-certificate -keystore mongoclient.truststore

I then configured tSetKeyStore to use mongoclient.truststore as the TrustStore file and checked Need Client Authentication checkbox and used mongoclient.keystore generated in step 2 as the KeyStore.

The below link was very helpful in understanding the SSL certificate setup:
https://unix.stackexchange.com/questions/347116/how-to-create-keystore-and-truststore-using-self-sig...

Thanks and Regards,

Apoorv Jain

Anonymous · ‎2019-07-31

Hello @apoorv_jain5000

Great it is fixed and thanks for sharing this reference with us on community.

Best regards

Sabrina

Configure SSL connection for Mongo DB

Big Data

v6.x