I am wondering if anyone has seen an update of the problem from 3.0.9 to 3.2.8 when the external user database is not replicated?
I have an existing replica set 3.0.9 environment that works without encrypted communications (without TLS) and without authentication; environment is working fine. But when I upgrade using 3.2.8, which has TLS and RBAC (using $ external), the SECONDARY members in the cluster do not seem to receive the user's external data.
If I performed the initial installation of 3.2.8 with my configuration, it works fine, that is, applications that connect to a set of replicas and read / write from the primary or just read from the secondary can connect and authenticate. But if I try to do the same from the updated cluster 3.0.9-3.2.8, then connect, auth and read / write from primary will be fine, but they can connect, but not auth to the secondary ones.
Is this a known bug? I read all the update documents on mongodb but cannot find where anyone was trying to do this.
The error I get when it does not work:
test7-mongodb-rs:SECONDARY> db.getSiblingDB("$external").auth( { mechanism: "MONGODB-X509", user: "CN=*******,OU=******,O=**********,L=***,ST=**, C=US@ $external" Error: 11 { ok: 0.0, errmsg: "Could not find user CN=*******,OU=******,O=**********,L=***,ST=**, C=US@ $external", code: 11 } 0
source share