Cannot read certificate file: /root/ssl/mongodb.pem (MongoDB SSL issue)

Ani*_*ani 6 ssl mongodb

I am unable to restart my mongodb service. On checking the logs in /var/log/mongodb/mongod.log, I get the following error:

cannot read certificate file: /root/ssl/mongodb.pem error:0200100D:system library:fopen:Permission denied
2019-11-23T17:04:27.679+0000 F  CONTROL  [main] Failed global initialization: InvalidSSLConfiguration: Can not set up PEM key file.

My /etc/mongod.conf looks like:

# mongod.conf

# for documentation of all options, see:
#   http://docs.mongodb.org/manual/reference/configuration-options/

# Where and how to store data.
storage:
  dbPath: /var/lib/mongodb
  journal:
    enabled: true
#  engine:
#  mmapv1:
#  wiredTiger:

# where to write logging data.
systemLog:
  destination: file
  logAppend: true
  path: /var/log/mongodb/mongod.log

# network interfaces
net:
  port: 27017
  bindIp: 127.0.0.1
  tls:
      mode: requireTLS
      certificateKeyFile: /root/ssl/mongodb.pem
# how the process runs
processManagement:
  timeZoneInfo: /usr/share/zoneinfo

#security:

#operationProfiling:

#replication:

#sharding:

## Enterprise-Only Options:

#auditLog:

#snmp:


The permissions of the /root/ssl/ folder are:

-rw-rw-r-- 1 mongodb mongodb 1354 Nov 23 16:22 mongodb.crt
-rw-rw-r-- 1 mongodb mongodb 1082 Nov 23 16:22 mongodb.csr
-rw-rw-r-- 1 mongodb mongodb 1679 Nov 23 16:21 mongodb.key
-rw-rw-rw- 1 mongodb mongodb 3033 Nov 23 16:22 mongodb.pem
-rw-rw-r-- 1 mongodb mongodb 1751 Nov 23 16:20 rootCA.key
-rw-rw-r-- 1 mongodb mongodb 1472 Nov 23 16:21 rootCA.pem
-rw-rw-r-- 1 mongodb mongodb   17 Nov 23 16:22 rootCA.srl

Ubuntu 16.04 LTS
MongoDB: 4.2

Ous*_*uss 3

The root folder usually has the following permissions:

drwx------    5 root root  4096 Nov 25 15:32 root/

This means that the user mongodb cannot access it in the first place.

My suggestion is to move the files from the folder /root/ssl/ to /etc/ssl/mongodb/ and update the mongod.conf file accordingly.
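The check behind this answer, as an added example that is not part of the original posts: it walks every directory on the way to the certificate file and reports the first element whose mode bits stop a given service account. It goes slightly beyond the answer by also reporting group/other bits on the key file, since the listing in the question shows mongodb.pem as rw-rw-rw-. The function names, the `base` parameter and the sample uid are assumptions made for this example.

```python
import os
import stat
import tempfile

def class_bits(st, uid, gids):
    """rwx bits that apply to uid/gids: owner, else group, else other."""
    if st.st_uid == uid:
        return (st.st_mode >> 6) & 0o7
    if st.st_gid in gids:
        return (st.st_mode >> 3) & 0o7
    return st.st_mode & 0o7

def blocking_component(path, uid, gids, base=os.sep):
    """First element below `base` that stops uid reading `path`, else None.
    Directories need search (x), the file needs read (r). Only mode bits are
    consulted: ACLs and AppArmor/SELinux policy are out of scope."""
    if uid == 0:  # root normally bypasses mode-bit checks
        return None
    parts = os.path.relpath(os.path.abspath(path), base).split(os.sep)
    current = base
    for i, name in enumerate(parts):
        current = os.path.join(current, name)
        need = 0o4 if i == len(parts) - 1 else 0o1
        if not class_bits(os.stat(current), uid, gids) & need:
            return current
    return None

def loose_key_bits(path):
    """Group/other permission bits on a key file; 0 means owner-only."""
    return stat.S_IMODE(os.stat(path).st_mode) & 0o077

if __name__ == "__main__":
    # Constructed layout mirroring the question: <tmp>/root (0700)/ssl/mongodb.pem (0666)
    base = tempfile.mkdtemp()
    home = os.path.join(base, "root")
    os.makedirs(os.path.join(home, "ssl"))
    pem = os.path.join(home, "ssl", "mongodb.pem")
    open(pem, "w").close()
    os.chmod(pem, 0o666)
    os.chmod(os.path.join(home, "ssl"), 0o755)
    os.chmod(home, 0o700)
    service_uid = os.getuid() + 1000  # constructed stand-in for the mongodb uid
    print("blocked at:", blocking_component(pem, service_uid, set(), base))
    print("extra bits on key file: %o" % loose_key_bits(pem))
```

On a real host, pass the service account's uid and groups (for example from `pwd.getpwnam` and `os.getgrouplist`) and leave `base` at its default.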