How to install MongoDB on CentOS 8

Installing MongoDB + Certificates on CentOS 8


Setup hostname


Update hostname file to set the server name permanently

nano /etc/hostname

set the hostname in the file to

add host

echo "$IP" >> /etc/hosts

Setup LetsEncrypt

Install git and clone letsencrypt

dnf install git -y &&
git clone /opt/letsencrypt &&
cd /opt/letsencrypt

Request the certificate

./letsencrypt-auto certonly -d
  • LetsEncrypt will ask you to look an entry in you server. If not not have nginx select [1], else, select [2] and add on nginx the follow lines
location ~ /.well-known {
        allow all;

then restart the nginx service

Setup the LetsEncrypt Files

Join on LetsEncrypt folder

cd /etc/letsencrypt/live/

Generate cert combining privKey.pem with cert.pem

cat privkey.pem cert.pem > /etc/ssl/mongodb.pem

Download the TrustID X3 Root Cert

Get the IdenTrust DST Root CA X3 from LetsEncrypt

wget -c -O trustid-x3-root.pem

Create CA file

cat chain.pem trustid-x3-root.pem > /etc/ssl/ca.pem

Just to make sure that everything is setup correctly run

openssl verify -CAfile /etc/ssl/ca.pem /etc/ssl/mongodb.pem

You should get

mongodb.pem: OK

Give permissions

chmod 400 /etc/ssl/ca.pem
chmod 400 /etc/ssl/mongodb.pem
chown mongod /etc/ssl/ca.pem
chown mongod /etc/ssl/mongodb.pem

Configure MongoDB

Edit mongod.conf

nano /etc/mongod.conf

Specify the SSL locations. You may to specify a PEMKeyPassword if you got the cert from an different source than letsencrypt.

  mode: requireTLS
  certificateKeyFile: /etc/ssl/mongodb.pem
  CAFile: /etc/ssl/ca.pem

Restart MongoDB

systemctl restart mongod


Then log into the shell using ssl:

mongo --ssl -sslCAFile /etc/ssl/ca.pem --host --sslPEMKeyFile /etc/ssl/mongodb.pem