I have an ASP.NET Core Web API project hosted on a Windows-based AWS EC2 instance. The backend database is an AWS Document DB cluster. Both the EC2 instance and the Document DB cluster are within the same VPC and are using the same security group.
I've placed the global-bundle.pem file (provided by AWS DocumentDB) in the root path of the published API directory (C:\inetpub\wwwroot\Publish\global-bundle.pem).
Here is the connection string I'm currently using in appsettings.json:
"ConnectionStrings": {
"DocumentDb": "mongodb://<UserCredential>:<UserCredential>@<host_name>.us-east-2.docdb.amazonaws.com:27017/?directConnection=true&tls=true&tlsCAFile=C:\\inetpub\\wwwroot\\Publish\\global-bundle.pem"
}
However, I'm having trouble establishing a connection to the DocumentDB. The API fails to connect at runtime.
Is the format of my connection string correct for use in an ASP.NET Core application running on a Windows EC2 instance?
Are there any additional configurations or permissions I need to set for the TLS certificate path to work correctly?
Do I need to install or configure anything on the EC2 instance (e.g., MongoDB drivers, certificates) for this setup to work?
currently this error getting.
A timeout occurred after 30000ms selecting a server using CompositeServerSelector{ Selectors = ReadPreferenceServerSelector{ ReadPreference = { Mode : Primary } }, LatencyLimitingServerSelector{ AllowedLatencyRange = 00:00:00.0150000 }, OperationsCountServerSelector }. Client view of cluster state is { ClusterId : "1", DirectConnection : "true", Type : "Standalone", State : "Disconnected", Servers : [{ ServerId: "{ ClusterId : 1, EndPoint : "Unspecified/next-level-mongo-db.c1aggww4wgt0.us-east-2.docdb.amazonaws.com:27017" }", EndPoint: "Unspecified/next-level-mongo-db.c1aggww4wgt0.us-east-2.docdb.amazonaws.com:27017", ReasonChanged: "Heartbeat", State: "Disconnected", ServerVersion: , TopologyVersion: , Type: "Unknown", HeartbeatException: "MongoDB.Driver.MongoConnectionException: An exception occurred while opening a connection to the server. ---> System.Security.Authentication.AuthenticationException: The remote certificate is invalid because of errors in the certificate chain: PartialChain at System.Net.Security.SslStream.SendAuthResetSignal(ReadOnlySpan`1 alert, ExceptionDispatchInfo exception) at System.Net.Security.SslStream.CompleteHandshake(SslAuthenticationOptions sslAuthenticationOptions) at System.Net.Security.SslStream.ForceAuthenticationAsync[TIOAdapter](Boolean receiveFirst, Byte[] reAuthenticationData, CancellationToken cancellationToken) at System.Net.Security.SslStream.AuthenticateAsClient(SslClientAuthenticationOptions sslClientAuthenticationOptions) at MongoDB.Driver.Core.Connections.SslStreamFactory.CreateStream(EndPoint endPoint, CancellationToken cancellationToken) at MongoDB.Driver.Core.Connections.BinaryConnection.OpenHelper(CancellationToken cancellationToken) --- End of inner exception stack trace ---
Any guidance or working examples would be greatly appreciated.
