美国焊接学会如下图所示
##To encrypt data in transit, download the public key for Amazon DocumentDB named rds-combined-ca-bundle.pem
import pymongo
##Create a MongoDB client, open a connection to Amazon DocumentDB as a replica set and specify the read preference as secondary preferred
client = pymongo.MongoClient('mongodb://<sample-user>:<password>@sample-cluster.node.us-east-1.docdb.amazonaws.com:27017/?ssl=true&ssl_ca_certs=rds-combined-ca-bundle.pem&replicaSet=rs0&readPreference=secondaryPreferred&retryWrites=false')
但我可以连接aws documentdb,而不必在pymongo上使用“rds组合ca bundle.pem”
import ssl
from pymongo import MongoClient
client = MongoClient(db_host, db_port, username=db_user, password=db_password, ssl=True, ssl_cert_reqs=ssl.CERT_NONE)
为什么不使用“rds组合ca bundle.pem”就可以连接
要获取最新的.pem文件,请使用以下链接:
https://docs.aws.amazon.com/documentdb/latest/developerguide/ca_cert_rotation.html
如果查看Mongo文档,当您指定
ssl_cert_reqs=ssl.CERT_NONE
时,您告诉PyMongo绕过证书验证,仍然允许连接到服务器。 https://api.mongodb.com/python/3.3.0/examples/tls.html但是,当您指定证书时,它将使用推荐的方法提供的证书执行服务器验证
相关问题 更多 >
编程相关推荐