How to create SSL certificate on Ubuntu(22.04 (LTS) x64) droplet for Mongo?

To create an SSL certificate on Ubuntu 22.04 (LTS) x64 for MongoDB, you can follow these steps:

1. Install OpenSSL: If you don’t have OpenSSL installed on your system, you can install it by running the following command:

sudo apt-get install openssl

2. Generate a private key: Use OpenSSL to generate a new private key by running the following command:

sudo openssl genrsa -out mongodb.key 2048

3. Generate a certificate signing request: Use OpenSSL to generate a certificate signing request (CSR) by running the following command:

sudo openssl req -new -key mongodb.key -out mongodb.csr

You will be prompted to enter information about your organization, such as your country, state/province, and company name.

4. Get your CSR signed: Send your CSR to a Certificate Authority (CA) to get it signed. There are many CAs that offer SSL certificates, such as Let’s Encrypt or Digicert. Follow the instructions provided by the CA to complete this step.

5. Combine the key and certificate: Once you receive the signed certificate from the CA, you can combine it with the private key to create a single file that contains both. Run the following command:

sudo cat mongodb.crt mongodb.key >> mongodb.pem

Where “mongodb.crt” is the signed certificate file you received from the CA.

6. Configure MongoDB to use the SSL certificate: You can now configure MongoDB to use the SSL certificate by updating your MongoDB configuration file. Set the “sslMode” option to “requireSSL” and the “sslPEMKeyFile” option to the path of the “mongodb.pem” file you created earlier. For example:

net:
  port: 27017
  ssl:
    mode: requireSSL
    PEMKeyFile: /path/to/mongodb.pem

7. Restart MongoDB: Finally, restart MongoDB to apply the changes to the configuration file. You can do this by running the following command:

sudo systemctl restart mongodb

That’s it! Your MongoDB server is now configured to use SSL with the certificate you created.

Leave a Comment