How to Enable MongoDB TLS Certificate in the Configuration?

When connecting to an extrenal or a managed database like DocumentDB or CosmosDB that has TLS enabled and also has a custom CA, the provided certificate also has to be loaded into MDSS in order to connect to the database.

Any provided certificates can be copied to the ca_certificates directory from the MDSS installation path. This directory is mounted in each MDSS container at the following path: /usr/local/share/ca-certificates . Also make sure to add the path to the certificate in the MongoDB connection string.

For example, when connecting to DocumentDB the connection string should look like this:

Bash
    
mongodb://<Username>:<Password>@<host>/?tls=true&tlsCAFile=/usr/local/share/ca-certificates/global-bundle.pem&replicaSet=rs0&retryWrites=false
Copy

Last updated on

Was this page helpful?