I'm setting up a development environment with PHP creating a connection to MongoDB over SSL. The server is using a self-signed cert and I'm using the MongoDB PHP extension (Not the older Mongo extension). Server is CentOS 7, mongod is 3.2.6. Client is OS X with PHP 5.6.10 (MAMP). My mongod.conf has the following:
net:
ssl:
mode: requireSSL
PEMKeyFile: /data/ssl/mongodb.pem
allowConnectionsWithoutCertificates: true
I verified my connection was working without SSL and verified I can connect from the console on the server. My PHP connection looks like this:
$mongo = new MongoDB\Driver\Manager("mongodb://" . $mongo_user . ":" . $mongo_pass . "@" . $mongoHost . "/" . $mongo_db, array(
'ssl' => true,
'sslAllowInvalidCertificates' => true,
'host' => $mongoHost
)
);
When trying to connect, I get the following:
SSL operation failed with code 1. OpenSSL Error messages:
error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
Anyone have any experience with this? I was under the impression that sslAllowInvalidCertificates would allow the connection even though the certificate is self-signed (assuming the self-signed cert is what is failing verification).
Thanks!
