MongoDB Notes
To create the certificate from the certificate request, perform this procedure.
Prerequisites
1.The certificate request testreq.csr is located in C:\ca.
2.The OPENSSL_CONF environmental variable points to the configuration file ca.cfg of the certificate authority.
3.The HOME environmental variable is set according to the previous section.
Procedure
1.Open a command window or access the command window used in the previous section.
2.If not already in directory C:\ca, change to that directory.
3.Perform this command:
openssl x509 -req -in testreq.csr -CA ca.pem -CAkey private\cakey.pem -CAcreateserial -out testcert.crt
The command will prompt you for the pass phrase for you CA's private key, not the pass phrase supplied to the certificate request. The command will create a certificate with a name that is a two digit number. The highest number is the certificate that was just created.
4.View the certificate with this command, where 02 is the file name of the certificate in the certs folder:
openssl x509 -in testcert.crt -text -noout | more
5.To use the certificate in MongoDB, the private key generated in the previous section must be combined with the certificate create in this section. You concatenate the files with this command:
type testkey.key testcert.crt > server.pem
The process generates the file server.pem which can be used with the mongod and mongos commands.
Related Information
