Hi Daniel,

You mentioned that you tried to use the ssl option in the connection string. You 
can also use various other options to specify the client certificate and root 
certificate of the MongoDB:
https://www.mongodb.com/docs/manual/reference/connection-string-options/#connection-options

The MongoDB connection string has a bunch of options to configure a TLS/SSL 
connection:

  * tlsCAFile
  * tlsCertificateKeyFile
  * tlsCertificateKeyFilePassword

Try to use them. Also, for debugging and testing purposes, you can try to 
disable some validations:

  * tlsAllowInvalidCertificates
  * tlsAllowInvalidHostnames
  * tlsInsecure

Regards,
Maksym

________________________________
From: Daniel Goolsby <danielgool...@gmail.com>
Sent: 15 July 2025, 16:01
To: user@drill.apache.org <user@drill.apache.org>
Subject: mongo server with 3rd party certs

I'm really new to apache drill, hoping that it can suit my needs.  quick
brief: i'm trying to use apache superset > drill > mongo.. I have a working
mongo cluster with dns srv records that work fine for being fed with
telegraf, ansible, misc other clients.  I'm coming up short trying to
configure the Mongo storage plugin for drill for my cluster that uses 3rd
party server certs with client ssl trust from trusted ca's.

I've tried just using ssl=true in my connection string, but i need to be
able to provide a custom client cert.

from the docs:
https://drill.apache.org/docs/mongodb-storage-plugin/

it says i should be able to use the standard connection string format - but
those options aren't valid.  I know java things like keytool exist, so i've
tried setting various JAVA_OPTS to create/specify keystores and
truststores, but I cannot seem to get drill to try ssl on the mongo
connection.

the mongo server logs just hint that the connection only supports ssl,
failing whatever client connection that drill is trying to make.

any suggestions?

--
--daniel
--
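
The three validation-disabling options listed in the reply are meant for debugging and testing, so it helps to check that none of them stays in a deployed connection string. The following is an added example, not part of the original thread or of Drill; the function name `audit_mongo_uri`, the finding codes and the hostnames are made up for illustration.

```python
from urllib.parse import parse_qsl

# Options named in the thread that switch off TLS validation.
VALIDATION_OFF = {
    "tlsallowinvalidcertificates": "server certificate is not verified",
    "tlsallowinvalidhostnames": "hostname is not matched against the certificate",
    "tlsinsecure": "certificate and hostname checks are both relaxed",
}


def audit_mongo_uri(uri):
    """Return (code, message) findings for the TLS options of a MongoDB URI."""
    scheme = uri.split("://", 1)[0].lower()
    query = uri.partition("?")[2]
    # Option names are case-insensitive, so normalise before comparing.
    opts = {k.lower(): v.strip().lower()
            for k, v in parse_qsl(query, keep_blank_values=True)}

    # "ssl" is the older alias of "tls"; mongodb+srv URIs default to TLS on.
    switches = [opts[k] for k in ("tls", "ssl") if k in opts]
    tls_on = "true" in switches or (scheme == "mongodb+srv" and not switches)

    findings = []
    if not tls_on:
        findings.append(("tls-off", "TLS is not enabled for this connection"))
    for name, why in VALIDATION_OFF.items():
        if opts.get(name) == "true":
            findings.append((name, why))
    return findings


if __name__ == "__main__":
    # Constructed sample URIs; the hostnames are placeholders.
    samples = [
        "mongodb://db.example.net:27017/?tls=true",
        "mongodb://db.example.net:27017/?ssl=true&tlsAllowInvalidHostnames=true",
        "mongodb+srv://cluster.example.net/?TLSInsecure=TRUE",
        "mongodb://db.example.net:27017/",
    ]
    for uri in samples:
        print(uri)
        for code, why in audit_mongo_uri(uri) or [("ok", "no findings")]:
            print(f"  {code}: {why}")
```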
