Durch die Nutzung von AWS re:Post stimmt du den AWS re:Post Nutzungsbedingungen
AWS re:Postre:Post

connecting to AWS documenDB from local using port forwarding set up

0

Hi All,

I have set up port forwarding using which I am able to connect to studio T3 host details as localhost:27017. But when I try connecting trough prgramatically via springboot application with rds-truststore.jks file I am getting bellow error

Caused by: java.security.cert.CertificateException: No subject alternative names matching IP address localhost found at java.base/sun.security.util.HostnameChecker.matchIP(HostnameChecker.java:165) ~[na:na] at java.base/sun.security.util.HostnameChecker.match(HostnameChecker.java:101) ~[na:na] at java.base/sun.security.ssl.X509TrustManagerImpl.checkIdentity(X509TrustManagerImpl.java:455) ~[na:na] at java.base/sun.security.ssl.X509TrustManagerImpl.checkIdentity(X509TrustManagerImpl.java:415) ~[na:na] at java.base/sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:229) ~[na:na] at java.base/sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:129) ~[na:na] at java.base/sun.security.ssl.CertificateMessage$T13CertificateConsumer.checkServerCerts(CertificateMessage.java:1341) ~[na:na] ... 23 common frames omitted

it is due to there is no reference of localhost in the rds-truststore.jks file..

How to add the localhost to rds-truststore.jks file ?

Themen
Datenbank
Tags
Amazon DocumentDB
Sprache
English
gksachin04
gefragt vor 3 Monaten257 Aufrufe
2 Antworten
1
Akzeptierte Antwort

In my case below string helped in connecting to WS document DB from local machine

mongodb://<username>:<password>@localhost:27017/?tls=true&tlsInsecure=true

gksachin04
beantwortet vor 3 Monaten
profile picture
EXPERTE
Oleksii Bebych
überprüft vor 2 Monaten
0

Try these:

  • Open the rds-truststore.jks file using keytool utility
  • keytool -keystore rds-truststore.jks -storepass <password> -list
  • Add the localhost alias to the truststore
  • keytool -keystore rds-truststore.jks -storepass <password> -alias localhost -import -file localhost.cer
  • Provide the path of the updated truststore in the springboot application configuration.
  • Restart the springboot application.
  • This will add the localhost certificate to the truststore and allow the application to connect to the database using localhost port forwarding without any certificate errors.
profile picture
EXPERTE
Giovanni Lauria
beantwortet vor 3 Monaten
  • gksachin04
    vor 3 Monaten

    Thanks for answering, I did't try this as below connection string worked.

Du bist nicht angemeldet. Anmelden um eine Antwort zu veröffentlichen.

Eine gute Antwort beantwortet die Frage klar, gibt konstruktives Feedback und fördert die berufliche Weiterentwicklung des Fragenstellers.

Richtlinien für die Beantwortung von Fragen

Relevanter Inhalt