Unable to connect to AWS Documentdb using MongoDB Compass. No option to pass sslInvalidHostName

Question

AWS DocumentDB is a relatively new service we\'re trying to migrate to. To connect from outside of the VPC, you have to create a tunnel to an existing instance.

For exa

Answer 1

I have done this using only MongoDB Compass (Community, v. 1.16.4), without creation of a tunnel via external tools.

Firstly, download AWS's certificate from: https://s3.amazonaws.com/rds-downloads/rds-combined-ca-bundle.pem. I have got this link from: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.SSL.html

Also make sure that you have an access to your DocDB cluster from the EC2 instance. To do it look into security groups settings specified for your DocDB cluster. Given that you are able to get the access using mongo shell, you should have it.

Then on the connection screen in MongoDB Compass specify the following (your credentials used as an example):

• Hostname: sample-cluster.cluster-cu52jq5kfddg.us-east-1.docdb.amazonaws.com
• Port: 27017
• Authentication: Username/Password
• Username: YourDocDBUsername
• Password: YourDocDBUserPassword
• SSL: Server validation
• Certificate Authority: (select downloaded rds-combined-ca-bundle.pem)
• SSH Tunnel: Use identity file
• SSH Hostname: ec2-34-229-221-164.compute-1.amazonaws.com
• SSH Tunnel Port: 22
• SSH Username: ubuntu
• SSH Identity File: ec2Access.pem