En utilisant AWS re:Post, vous acceptez les AWS re:Post Conditions d’utilisation
AWS re:Postre:Post

connecting to AWS documenDB from local using port forwarding set up

0

Hi All,

I have set up port forwarding using which I am able to connect to studio T3 host details as localhost:27017. But when I try connecting trough prgramatically via springboot application with rds-truststore.jks file I am getting bellow error

Caused by: java.security.cert.CertificateException: No subject alternative names matching IP address localhost found at java.base/sun.security.util.HostnameChecker.matchIP(HostnameChecker.java:165) ~[na:na] at java.base/sun.security.util.HostnameChecker.match(HostnameChecker.java:101) ~[na:na] at java.base/sun.security.ssl.X509TrustManagerImpl.checkIdentity(X509TrustManagerImpl.java:455) ~[na:na] at java.base/sun.security.ssl.X509TrustManagerImpl.checkIdentity(X509TrustManagerImpl.java:415) ~[na:na] at java.base/sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:229) ~[na:na] at java.base/sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:129) ~[na:na] at java.base/sun.security.ssl.CertificateMessage$T13CertificateConsumer.checkServerCerts(CertificateMessage.java:1341) ~[na:na] ... 23 common frames omitted

it is due to there is no reference of localhost in the rds-truststore.jks file..

How to add the localhost to rds-truststore.jks file ?

Sujets
Base de données
Balises
Amazon DocumentDB
Langue
English
gksachin04
demandé il y a 3 mois257 vues
2 réponses
1
Réponse acceptée

In my case below string helped in connecting to WS document DB from local machine

mongodb://<username>:<password>@localhost:27017/?tls=true&tlsInsecure=true

gksachin04
répondu il y a 3 mois
profile picture
EXPERT
Oleksii Bebych
vérifié il y a 2 mois
0

Try these:

  • Open the rds-truststore.jks file using keytool utility
  • keytool -keystore rds-truststore.jks -storepass <password> -list
  • Add the localhost alias to the truststore
  • keytool -keystore rds-truststore.jks -storepass <password> -alias localhost -import -file localhost.cer
  • Provide the path of the updated truststore in the springboot application configuration.
  • Restart the springboot application.
  • This will add the localhost certificate to the truststore and allow the application to connect to the database using localhost port forwarding without any certificate errors.
profile picture
EXPERT
Giovanni Lauria
répondu il y a 3 mois
  • gksachin04
    il y a 3 mois

    Thanks for answering, I did't try this as below connection string worked.

Vous n'êtes pas connecté. Se connecter pour publier une réponse.

Une bonne réponse répond clairement à la question, contient des commentaires constructifs et encourage le développement professionnel de la personne qui pose la question.

Instructions pour répondre aux questions

Contenus pertinents