如何在mongo中添加SSL密钥库和信任库文件路径和密码:客户端选项使用Spring XML在TLS上连接mongo db。还需要知道如何在 xml 中添加 mongo:client 属性中允许的 SSL 无效主机名。我正在使用弹簧数据 mongo db 2.2.3 .
这不是XML解决方案,而是通过Bean。 这就是我为 2.2.5.RELEASE 所做的。请注意,对于 2.3.0,没有 MongoClientOptions
@Value("classpath:truststore/mongoserver-truststore.p12")
private Resource trustStore;
@Value("${ssl.truststore.mongodb.password}")
private String mongoTrustStorePassword;
@Bean
public MongoClientOptions mongoClientOptions() throws Exception {
TrustManagerFactory trustManagerFactory = TrustManagerFactory
.getInstance(TrustManagerFactory.getDefaultAlgorithm());
KeyStore keyStore = KeyStore.getInstance("PKCS12");
keyStore.load(trustStore.getInputStream(), mongoTrustStorePassword.toCharArray());
trustManagerFactory.init(keyStore);
SSLContext sslContext = SSLContext.getInstance("TLSv1.2");
sslContext.init(null, trustManagerFactory.getTrustManagers(), null);
return MongoClientOptions.builder()
.sslEnabled(true)
.sslContext(sslContext)
.sslInvalidHostNameAllowed(true)
.build();
}