Verifying if TLS connection can be established
To verify if the TLS connection can be established, do the following.
-
Edit the custom.env file and locate the MONGO_URL parameters in the file.
Sametime configures the MongoDB details in a Mongo URL, for example:
mongodb://sametime_user:mongodb_password.mongodb_host:port
where:
- sametime_user is the name of the MongoDB used by the MongoDB user.
- mongodb_password is the password used by the MongoDB user.
- mongodb_host is the fully qualified host name of the MongoDB server.
- port is the port number used by MongoDB.
- Add the following parameter to the Mongo URL.
tlsAllowInvalidCertificates=true
Note: Only use the option on systems where intrusion is not possible. This step bypasses the certificate check on the client side and is a viable option if both MongoDB and the Sametime components are all on the same host. Doing this step assumes that there would be no traffic on the network and there is no possibility of the mongo hostname being hijacked in DNS. For more information, refer to the official MongoDB documentation.
-
Save the changes.
Parent Topic: Setting up TLS for the Mongo database