com.mongodb.MongoSocketWriteException: Exception sending message

JIRA | Stefan Siegl | 7 months ago
  1. 0

    Hello, I´m trying to connect to a mongod instance on CentOS with the Java driver from my windows-pc. The mongod is configured as follows: {noformat} ssl: mode: requireSSL PEMKeyFile: /tmp/ssl/mongodb.pem CAFile: /tmp/ssl/cert-chain.pem allowConnectionsWithoutCertificates: true {noformat} A connection from my windows with the commandline works: {noformat} mongod <server:port> --ssl --sslCAFile <certicate-ca> {noformat} Also from MongoChef, but I get an exception when I try to execute the following snippet: {code:java} MongoClientOptions clientOptions = MongoClientOptions.builder().sslEnabled(true).sslInvalidHostNameAllowed(false).build(); MongoClient mongoClient = new MongoClient("<mongod-dnsname>", clientOptions); MongoDatabase db = mongoClient.getDatabase("test"); MongoCollection<Document> collection = db.getCollection("testColl"); System.out.println(collection.count()); {code} The stacktrace is: {noformat} 2016-05-03 08:02:28,004 INFO cluster: Cluster created with settings {hosts=[<mongod-dnsname>], mode=SINGLE, requiredClusterType=UNKNOWN, serverSelectionTimeout='30000 ms', maxWaitQueueSize=500} 2016-05-03 08:02:28,086 DEBUG cluster: Updating cluster description to {type=UNKNOWN, servers=[{address=<mongod-dnsname>, type=UNKNOWN, state=CONNECTING}] 2016-05-03 08:02:28,132 INFO cluster: No server chosen by ReadPreferenceServerSelector{readPreference=primary} from cluster description ClusterDescription{type=UNKNOWN, connectionMode=SINGLE, all=[ServerDescription{address=<mongod-dnsname>, type=UNKNOWN, state=CONNECTING}]}. Waiting for 30000 ms before timing out 2016-05-03 08:02:28,147 DEBUG connection: Closing connection connectionId{localValue:1} 2016-05-03 08:02:28,149 DEBUG connection: Closing connection connectionId{localValue:1} 2016-05-03 08:02:28,150 INFO cluster: Exception in monitor thread while connecting to server <mongod-dnsname> com.mongodb.MongoSocketWriteException: Exception sending message at com.mongodb.connection.InternalStreamConnection.translateWriteException(InternalStreamConnection.java:462) at com.mongodb.connection.InternalStreamConnection.sendMessage(InternalStreamConnection.java:205) at com.mongodb.connection.CommandHelper.sendMessage(CommandHelper.java:89) at com.mongodb.connection.CommandHelper.executeCommand(CommandHelper.java:32) at com.mongodb.connection.InternalStreamConnectionInitializer.initializeConnectionDescription(InternalStreamConnectionInitializer.java:83) at com.mongodb.connection.InternalStreamConnectionInitializer.initialize(InternalStreamConnectionInitializer.java:43) at com.mongodb.connection.InternalStreamConnection.open(InternalStreamConnection.java:115) at com.mongodb.connection.DefaultServerMonitor$ServerMonitorRunnable.run(DefaultServerMonitor.java:128) at java.lang.Thread.run(Thread.java:745) Caused by: javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: No subject alternative names matching IP address <mongod-ip> found at sun.security.ssl.Alerts.getSSLException(Alerts.java:192) at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1949) at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:302) at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:296) at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1506) at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:216) at sun.security.ssl.Handshaker.processLoop(Handshaker.java:979) at sun.security.ssl.Handshaker.process_record(Handshaker.java:914) at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1062) at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1375) at sun.security.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:747) at sun.security.ssl.AppOutputStream.write(AppOutputStream.java:123) at com.mongodb.connection.SocketStream.write(SocketStream.java:75) at com.mongodb.connection.InternalStreamConnection.sendMessage(InternalStreamConnection.java:201) ... 7 more Caused by: java.security.cert.CertificateException: No subject alternative names matching IP address <mongod-ip> found at sun.security.util.HostnameChecker.matchIP(HostnameChecker.java:167) at sun.security.util.HostnameChecker.match(HostnameChecker.java:93) at sun.security.ssl.X509TrustManagerImpl.checkIdentity(X509TrustManagerImpl.java:455) at sun.security.ssl.X509TrustManagerImpl.checkIdentity(X509TrustManagerImpl.java:436) at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:200) at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:124) at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1488) ... 16 more {noformat} The certificate was also used for the application running on the same server without any trouble. It contains following SAN entry: X509v3 Subject Alternative Name: DNS:<mongod-dnsname>

    JIRA | 7 months ago | Stefan Siegl
    com.mongodb.MongoSocketWriteException: Exception sending message
  2. 0

    Hello, I´m trying to connect to a mongod instance on CentOS with the Java driver from my windows-pc. The mongod is configured as follows: {noformat} ssl: mode: requireSSL PEMKeyFile: /tmp/ssl/mongodb.pem CAFile: /tmp/ssl/cert-chain.pem allowConnectionsWithoutCertificates: true {noformat} A connection from my windows with the commandline works: {noformat} mongod <server:port> --ssl --sslCAFile <certicate-ca> {noformat} Also from MongoChef, but I get an exception when I try to execute the following snippet: {code:java} MongoClientOptions clientOptions = MongoClientOptions.builder().sslEnabled(true).sslInvalidHostNameAllowed(false).build(); MongoClient mongoClient = new MongoClient("<mongod-dnsname>", clientOptions); MongoDatabase db = mongoClient.getDatabase("test"); MongoCollection<Document> collection = db.getCollection("testColl"); System.out.println(collection.count()); {code} The stacktrace is: {noformat} 2016-05-03 08:02:28,004 INFO cluster: Cluster created with settings {hosts=[<mongod-dnsname>], mode=SINGLE, requiredClusterType=UNKNOWN, serverSelectionTimeout='30000 ms', maxWaitQueueSize=500} 2016-05-03 08:02:28,086 DEBUG cluster: Updating cluster description to {type=UNKNOWN, servers=[{address=<mongod-dnsname>, type=UNKNOWN, state=CONNECTING}] 2016-05-03 08:02:28,132 INFO cluster: No server chosen by ReadPreferenceServerSelector{readPreference=primary} from cluster description ClusterDescription{type=UNKNOWN, connectionMode=SINGLE, all=[ServerDescription{address=<mongod-dnsname>, type=UNKNOWN, state=CONNECTING}]}. Waiting for 30000 ms before timing out 2016-05-03 08:02:28,147 DEBUG connection: Closing connection connectionId{localValue:1} 2016-05-03 08:02:28,149 DEBUG connection: Closing connection connectionId{localValue:1} 2016-05-03 08:02:28,150 INFO cluster: Exception in monitor thread while connecting to server <mongod-dnsname> com.mongodb.MongoSocketWriteException: Exception sending message at com.mongodb.connection.InternalStreamConnection.translateWriteException(InternalStreamConnection.java:462) at com.mongodb.connection.InternalStreamConnection.sendMessage(InternalStreamConnection.java:205) at com.mongodb.connection.CommandHelper.sendMessage(CommandHelper.java:89) at com.mongodb.connection.CommandHelper.executeCommand(CommandHelper.java:32) at com.mongodb.connection.InternalStreamConnectionInitializer.initializeConnectionDescription(InternalStreamConnectionInitializer.java:83) at com.mongodb.connection.InternalStreamConnectionInitializer.initialize(InternalStreamConnectionInitializer.java:43) at com.mongodb.connection.InternalStreamConnection.open(InternalStreamConnection.java:115) at com.mongodb.connection.DefaultServerMonitor$ServerMonitorRunnable.run(DefaultServerMonitor.java:128) at java.lang.Thread.run(Thread.java:745) Caused by: javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: No subject alternative names matching IP address <mongod-ip> found at sun.security.ssl.Alerts.getSSLException(Alerts.java:192) at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1949) at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:302) at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:296) at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1506) at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:216) at sun.security.ssl.Handshaker.processLoop(Handshaker.java:979) at sun.security.ssl.Handshaker.process_record(Handshaker.java:914) at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1062) at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1375) at sun.security.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:747) at sun.security.ssl.AppOutputStream.write(AppOutputStream.java:123) at com.mongodb.connection.SocketStream.write(SocketStream.java:75) at com.mongodb.connection.InternalStreamConnection.sendMessage(InternalStreamConnection.java:201) ... 7 more Caused by: java.security.cert.CertificateException: No subject alternative names matching IP address <mongod-ip> found at sun.security.util.HostnameChecker.matchIP(HostnameChecker.java:167) at sun.security.util.HostnameChecker.match(HostnameChecker.java:93) at sun.security.ssl.X509TrustManagerImpl.checkIdentity(X509TrustManagerImpl.java:455) at sun.security.ssl.X509TrustManagerImpl.checkIdentity(X509TrustManagerImpl.java:436) at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:200) at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:124) at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1488) ... 16 more {noformat} The certificate was also used for the application running on the same server without any trouble. It contains following SAN entry: X509v3 Subject Alternative Name: DNS:<mongod-dnsname>

    JIRA | 7 months ago | Stefan Siegl
    com.mongodb.MongoSocketWriteException: Exception sending message
  3. 0

    GitHub comment 443#223751941

    GitHub | 6 months ago | seveniruby
    java.security.cert.CertificateException: No subject alternative names matching IP address xx.xx.xx.xx found
  4. Speed up your debug routine!

    Automated exception search integrated into your IDE

  5. 0

    get error message No subject alternative names matching IP address when use TrustSource add

    GitHub | 5 months ago | seveniruby
    io.netty.handler.codec.DecoderException: javax.net.ssl.SSLHandshakeException: General SSLEngine problem
  6. 0

    problem while upgrading vertx mail client to 3.3.2 from 3.2.0

    Google Groups | 4 months ago | Buddha Shrestha
    javax.net.ssl.SSLHandshakeException: General SSLEngine problem

  1. rp 1 times, last 8 months ago
  2. poroszd 1 times, last 9 months ago
14 unregistered visitors
Not finding the right solution?
Take a tour to get the most out of Samebug.

Tired of useless tips?

Automated exception search integrated into your IDE

Root Cause Analysis

  1. java.security.cert.CertificateException

    No subject alternative names matching IP address <mongod-ip> found

    at sun.security.util.HostnameChecker.matchIP()
  2. Java RT
    HostnameChecker.match
    1. sun.security.util.HostnameChecker.matchIP(HostnameChecker.java:167)
    2. sun.security.util.HostnameChecker.match(HostnameChecker.java:93)
    2 frames
  3. Java JSSE
    AppOutputStream.write
    1. sun.security.ssl.X509TrustManagerImpl.checkIdentity(X509TrustManagerImpl.java:455)
    2. sun.security.ssl.X509TrustManagerImpl.checkIdentity(X509TrustManagerImpl.java:436)
    3. sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:200)
    4. sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:124)
    5. sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1488)
    6. sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:216)
    7. sun.security.ssl.Handshaker.processLoop(Handshaker.java:979)
    8. sun.security.ssl.Handshaker.process_record(Handshaker.java:914)
    9. sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1062)
    10. sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1375)
    11. sun.security.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:747)
    12. sun.security.ssl.AppOutputStream.write(AppOutputStream.java:123)
    12 frames
  4. MongoDB Java Driver
    DefaultServerMonitor$ServerMonitorRunnable.run
    1. com.mongodb.connection.SocketStream.write(SocketStream.java:75)
    2. com.mongodb.connection.InternalStreamConnection.sendMessage(InternalStreamConnection.java:201)
    3. com.mongodb.connection.CommandHelper.sendMessage(CommandHelper.java:89)
    4. com.mongodb.connection.CommandHelper.executeCommand(CommandHelper.java:32)
    5. com.mongodb.connection.InternalStreamConnectionInitializer.initializeConnectionDescription(InternalStreamConnectionInitializer.java:83)
    6. com.mongodb.connection.InternalStreamConnectionInitializer.initialize(InternalStreamConnectionInitializer.java:43)
    7. com.mongodb.connection.InternalStreamConnection.open(InternalStreamConnection.java:115)
    8. com.mongodb.connection.DefaultServerMonitor$ServerMonitorRunnable.run(DefaultServerMonitor.java:128)
    8 frames
  5. Java RT
    Thread.run
    1. java.lang.Thread.run(Thread.java:745)
    1 frame