MongoDB TLS/SSL Support

If MongoDB is configured to support TLS/SSL, the Web Server must be able to communicate with MongoDB.

Before You Begin

Obtain a CA-signed certificate or a self-signed certificate.
Create a PEM (Privacy Enhanced Mail) file that contains the complete certificate chain.

To the CommServe computer, add the enabledSSLMongoDB additional setting as shown in the following table.

For instructions on how to add additional settings from the CommCell Console, see Adding or Modifying Additional Settings from the CommCell Console.

Property

Value

Name

enabledSSLMongoDB

Category

DM2WebSearchServer

Type

String

Value

True
Stop the Commvault MongoDB Service.

For information about controlling services, see Services - Advanced.
To create or install the Commvault MongoDB Service with SSL, from the command line, go to software_installation_directory\MONGODB, and run the following command:
```
 
mongod --reinstall --serviceName GxMongo(instance) --serviceDisplayName "Commvault MongoDb (instance)" --port 27017 --dbpath "software_installation_directory\MONGODB" --logpath "software_installation_directory\MONGODB\log.log " --logappend --auth --sslMode requireSSL --sslPEMKeyFile "path\file_name.pem"
```
where:
- path\file_name.pem is the path to the PEM file and the name of the PEM file.
- instance is the instance where you installed the Commvault software.
Start the Commvault MongoDB Service.
Restart the IIS service.
Repeat these steps for all of the computers where MongoDB is installed.