How to configure a ReplicaSet to support TLS/SSL?
Create the Root Certificate
The Root Certificate (aka CA File) will be used to sign and identify your certificate. To generate it, run the command below.
Keep the root certificate and its key carefully, both will be used to sign your certificates. The root certificate might be used by your client as well.
Generate the Certificate Requests and the Private Keys
When generating the Certificate Signing Request (aka CSR), input the exact hostname (or IP) of your node in the Common Name (aka CN) field. The others fields must have exactly the same value. You might need to modify your /etc/hosts file.
The commands below will generate the CSR files and the RSA Private Keys (4096 bits).
You must generate one CSR for each node of your ReplicaSet. Remember that the Common Name is not the same from one node to another. Don't base multiple CSRs on the same Private Key.
You must now have 3 CSRs and 3 Private Keys.
Sign your Certificate Requests
Use the CA File (ca.pem) and its Private Key (ca.key) generated previously to sign each Certificate Request by running the commands below.
Anil Bist
Skills Mongodb
Qualifications :- High School - SLV, College/University - Graphic Era Deemed Univ University,Location :-Dehradun,Dehradun,Uttarakhand,India
Description:-
I started my Professional Journey in 2006 with one of the Web Development Company in Bangalore and my 1st framework was "Ruby on Rail" as Web development and delivered around 5+ Projects using this platform. Then came another dimension as JEE/Sturst framework, Gradually I realized that I want to build something on my own and give my passion and energy on creating something different a
Explore