使用SSL证书连接
通过Java连接文档数据库服务,代码中的Java链接格式如下:
- 连接到单节点:
mongodb://<username>:<password>@<instance_ip>:<instance_port>/<database_name>?authSource=admin&ssl=true - 连接到副本集:
mongodb://<username>:<password>@<instance_ip>:<instance_port>/<database_name>authSource=admin&replicaSet=replica&ssl=true - 连接到集群:
mongodb://<username>:<password>@<instance_ip>:<instance_port>/<database_name>?authSource=admin&ssl=true
| 参数 | 说明 |
|---|---|
| username | 当前用户名。 |
| password | 当前用户的密码。 |
| instance_ip | 如果通过弹性云服务器连接,“instance_ip”是主机IP,即“基本信息”页面该实例的“内网地址”。 |
| 如果通过连接了公网的设备访问,“instance_ip”为该实例已绑定的“弹性公网IP”。 | |
| instance_port | 端口,默认8030,当前端口,参考“基本信息”页面该实例的“数据库端口”。 |
| database_name | 数据库名,即需要连接的数据库名。 |
| authSource | 鉴权用户数据库,取值为admin。 |
| ssl | 连接模式,值为true代表是使用ssl连接模式。 |
连接文档数据库服务的Java代码,可参考以下示例:
import com.mongodb.MongoClient;
import com.mongodb.MongoClientOptions;
import com.mongodb.MongoCredential;
import com.mongodb.ServerAddress;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManagerFactory;
import java.io.FileInputStream;
import java.security.KeyStore;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
public class MongoDBSSLExample {
public static void main(String[] args) throws Exception {
//用户名
String username = "";
//数据库
String databaseName = "";
//密码
String password = "";
//证书路径
String certPath = "";
//连接地址
String host = "";
//端口
int port = 8030;
// 创建MongoCredential对象
MongoCredential credential = MongoCredential.createCredential(username, databaseName, password.toCharArray());
// 加载证书
CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
X509Certificate certificate = (X509Certificate) certificateFactory.generateCertificate(new FileInputStream(certPath));
// 创建SSL上下文
SSLContext sslContext = SSLContext.getInstance("TLS");
KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
keyStore.load(null, null);
keyStore.setCertificateEntry("mongodb-cert", certificate);
TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
trustManagerFactory.init(keyStore);
sslContext.init(null, trustManagerFactory.getTrustManagers(), null);
// 创建MongoClient实例
MongoClientOptions options = MongoClientOptions.builder()
.sslEnabled(true)
.sslInvalidHostNameAllowed(true)
.sslContext(sslContext)
.build();
MongoClient mongoClient = new MongoClient(new ServerAddress(host, port), credential, options);
}
}
无证书连接
通过Java连接文档数据库服务实例,代码中的Java链接格式如下:
1.连接到单节点:
mongodb://<username>:<password>@<instance_ip>:<instance_port>/<database_name>?authSource=admin
2.连接到副本集:
mongodb://<username>:<password>@<instance_ip>:<instance_port>/<database_name>?authSource=admin&replicaSet=replica
3.连接到集群:
mongodb://<username>:<password>@<instance_ip>:<instance_port>/<database_name>?authSource=admin
参考代码如下:
import com.mongodb.MongoClient;
import com.mongodb.MongoClientOptions;
import com.mongodb.MongoCredential;
import com.mongodb.ServerAddress;
public class MongoDBExample {
public static void main(String[] args) {
//用户名
String username = "";
//数据库
String databaseName = "";
//密码
String password = "";
//连接地址
String host = "";
//端口
int port = 8030;
// 创建MongoCredential对象
MongoCredential credential = MongoCredential.createCredential(username, databaseName, password.toCharArray());
// 创建MongoClientOptions对象
MongoClientOptions options = MongoClientOptions.builder()
.retryWrites(true)
.build();
// 创建MongoClient实例
MongoClient mongoClient = new MongoClient(new ServerAddress(host, port), credential, options);
}
}
