X509 certificates to connect to MongoDB

#1

Hello,

I have a MongoDB server that requires X509 certificate based authentication. I can’t see how to configure Dremio to connect using anything other than username/password or no authentication.

Is there a way to configure it to use certificate based authentication?

Thanks,
Andre

1 Like
#2

I have the same need. This is a show stopper for us for production data access.

#3

Hi @AndreElPec,

In dremio-env, you can add the following parameters to the extra java options towards the end of the file:

# Extra Java options
#
DREMIO_JAVA_EXTRA_OPTS="-Djavax.net.ssl.keyStoreType=jks -Djavax.net.ssl.trustStore=/path/to/truststore
-Djavax.net.ssl.trustStorePassword=yourPassword"

You will have to have the truststore on each Dremio node. If you are NOT using YARN then this config change has to be made to dremio-env each node with the appropriate values.

1 Like
#4

I should add that you will then have to enable SSL when configuring the Mongo source by checking the “Encrypt connection” option.
encrypt-mongo