{"id":13567618,"url":"https://github.com/smallstep/mongo-tls","last_synced_at":"2025-04-10T19:34:28.169Z","repository":{"id":46208484,"uuid":"387581929","full_name":"smallstep/mongo-tls","owner":"smallstep","description":"Complete setups for MongoDB single-node TLS, cluster TLS, and X.509 user authentication, using the step-ca online Certificate Authority.","archived":false,"fork":false,"pushed_at":"2024-02-26T19:04:15.000Z","size":48,"stargazers_count":12,"open_issues_count":0,"forks_count":4,"subscribers_count":8,"default_branch":"main","last_synced_at":"2025-04-03T23:34:58.370Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"","language":"Shell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/smallstep.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2021-07-19T20:08:03.000Z","updated_at":"2023-11-17T13:17:26.000Z","dependencies_parsed_at":"2024-08-01T13:39:43.451Z","dependency_job_id":null,"html_url":"https://github.com/smallstep/mongo-tls","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/smallstep%2Fmongo-tls","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/smallstep%2Fmongo-tls/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/smallstep%2Fmongo-tls/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/smallstep%2Fmongo-tls/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/smallstep","download_url":"https://codeload.github.com/smallstep/mongo-tls/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248281422,"owners_count":21077423,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-08-01T13:02:36.621Z","updated_at":"2025-04-10T19:34:28.151Z","avatar_url":"https://github.com/smallstep.png","language":"Shell","funding_links":[],"categories":["Shell"],"sub_categories":[],"readme":"# Securing MongoDB with TLS\n\nThese scripts can be used to set up various example MongoDB server configurations that require TLS and use certificates issued by an internal CA.\n\nThese scripts were tested on Ubuntu 23.10 and Debian Bookworm\n\n**[See our blog series, Securing MongoDB with TLS, for a detailed introduction and walkthrough of these scripts](https://www.mongodb.com/developer/article/securing-mongodb-with-tls/)**.\n\nAll of these Mongo configurations require an online [`step-ca` Certificate Authority](https://github.com/smallstep/certificates/).\nConfigure and run `0-step-ca.sh` to set one up.\n\nNext, you can run the following examples on separate machines:\n\n* A simple server with Client \u003c-\u003e Server TLS (`1-mongo-server-with-tls.sh`)\n* -OR- A three-member replica set cluster (Primary-Secondary-Secondary toplogy) with both Client \u003c-\u003e Server and Cluster Member TLS (run `2-mongo-pss-cluster.sh` on system init, then manually follow the instructions in `create-replica-set.sh`)\n\nBoth examples use Docker Compose for simplicity.\nIn a production environment, you'd obviously want to run a cluster on several machines.\n\nFinally, you can enable X509 Certificate Authentication (for both service users and human users) by following the instructions in `add-x509-user-authenticaiton.sh`.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsmallstep%2Fmongo-tls","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fsmallstep%2Fmongo-tls","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsmallstep%2Fmongo-tls/lists"}