ODBC Driver for MongoDB

Connect to MongoDB Using SSL

Connecting to MongoDB Using SSL

SSL (Secure Sockets Layer) is a standard protocol for secure access to a remote machine over untrusted networks. It runs on top of TCP/IP to secure client-server communications by allowing an SSL-enabled client to authenticate itself to an SSL-enabled server and vice versa. During server authentication, an SSL-enabled client application uses standard techniques of public-key cryptography to verify the server's identity by checking that the server's certificate is issued by a trusted certificate authority (CA) and proves the ownership of the public key.

Conversely, SSL client authentication allows the server to validate the client's identity. The client and server can also authenticate each other using self-signed certificates, however, you will almost never want to use a self-signed certificate, except for an Intranet or a development server. After establishing an SSL connection, the client and server can exchange messages that are symmetrically encrypted with the shared secret key. SSL is the recommended method to establish a secure connection to MongoDB due to easier configuration and higher performance, compared to SSH. See the MongoDB documentation for more information on how to configure mongod and mongos for TLS/SSL .

To establish an SSL connection to MongoDB, enable TLS/SSL and specify the client and CA certificates in Connection Options on the Advanced Settings tab. See the MongoDB documentation for more information on Connection Options and TLS/SSL Configuration for Clients.

MongoDB SSL Connection

SSL Options

Option

Description

tls

Enables TLS/SSL connections in MongoDB 4.2 and later.

ssl

Enables TLS/SSL connections in MongoDB versions prior to 4.2.

tlsCertificateKeyFile

The .pem file that contains the client certificate and key in MongoDB 4.2 and later.

sslPEMKeyFile

The .pem file that contains the client certificate and key in MongoDB versions prior to 4.2.

tlsCAFile

The Certificate Authority (CA) .pem file in MongoDB 4.2 and later.

sslCAFile

The Certificate Authority (CA) .pem file in MongoDB versions prior to 4.2.

Sample SSL Connection String

MongoDB versions prior to 4.2.

DRIVER={Devart ODBC Driver for MongoDB};Data Source=myServer;Port=myPort;Database=myDatabase;User ID=myUser;Password=myPassword;Connection Options="ssl=true&sslPEMKeyFile=C:\myClientCertificate.pem&sslCAFile=C:\myCaCertificate.pem"

MongoDB 4.2 and later.

DRIVER={Devart ODBC Driver for MongoDB};Data Source=myServer;Port=myPort;Database=myDatabase;User ID=myUser;Password=myPassword;Connection Options="tls=true&tlsCertificateKeyFile=C:\myClientCertificate.pem&tlsCAFile=C:\myCaCertificate.pem"

© 2015-2022 Devart. All Rights Reserved. Request Support ODBC Forum Provide Feedback