So I'm writing this in hopes of saving someone an hour or two. I recently upgraded our development server from CentOS 6.8 to 6.9 and PHP 5.3 to 5.6. It uses the
MongoClient to connect to our mongo database instance over a self signed SSL certificate. After the upgrade, it kept spitting out the
Can't connect over SSL, is mongod running with SSL?. After some trial and error, and some online scouring, I found the context options to pass to the mongo client connection to accept the self signed SSL.
I was able to connect successfully over SSL from just the command line interface from the same web server, so I knew it had to be something PHP side. Before it was able to encrypt traffic by just passing the
array("ssl"=>true) parameter. I'm just assuming here that the PHP mongo client before was fine with that, or the new php.ini file is going to need to be changed to reflect the old one prior to the upgrade. It connects now though by setting it up with the stream context options:
$ctx = stream_context_create( array( "ssl" => array( "peer_name" => "<hostname/ip>", "verify_peer" => false, "verify_peer_name" => false, "allow_self_signed" => true ) )); $m = new MongoClient("mongodb://$mongoname:$mongopwd@$mongohost/$dbname", array("ssl" => true), array("context" => $ctx));