MongoDB TLS/SSL Support

If MongoDB is configured to support TLS/SSL, the Web Server must be able to communicate with MongoDB.

Before You Begin

  1. Obtain a CA-signed certificate or a self-signed certificate.

  2. Create a PEM (Privacy Enhanced Mail) file that contains the complete certificate chain.

Procedure

  1. To the CommServe computer, add the enabledSSLMongoDB additional setting as shown in the following table.

    For instructions on how to add additional settings from the CommCell Console, see Adding or Modifying Additional Settings from the CommCell Console.

    Property

    Value

    Name

    enabledSSLMongoDB

    Category

    DM2WebSearchServer

    Type

    String

    Value

    True

  2. Stop the Commvault MongoDB Service.

    For information about controlling services, see Services - Advanced.

  3. To create or install the Commvault MongoDB Service with SSL, from the command line, go to software_installation_directory\MONGODB, and run the following command:

    mongod --reinstall --serviceName GxMongo(instance) --serviceDisplayName "Commvault MongoDb (instance)" --port 27017 --dbpath "software_installation_directory\MONGODB" --logpath "software_installation_directory\MONGODB\log.log " --logappend --auth --sslMode requireSSL --sslPEMKeyFile "path\file_name.pem"

    where:

    • path\file_name.pem is the path to the PEM file and the name of the PEM file.

    • instance is the instance where you installed the Commvault software.

  4. Start the Commvault MongoDB Service.

  5. Restart the IIS service.

  6. Repeat these steps for all of the computers where MongoDB is installed.

Loading...