Can we get DocumentDB support for the backend? It seems that connecting to DocumentDB currently errors out since the MongoDB driver will not accept the DocumentDB TLS certificates. AWS provides these CA certs: https://docs.aws.amazon.com/documentdb/latest/developerguide/security.encryption.ssl.html.
Have you tested this: ?
Not sure if there is much I can do, it seems that you just have to import the certificate into your cert store.
I haven’t. I’m not sure exactly how I would manage this with the Kubernetes deployment of Squidex.
Might be worth to have a look at: https://kubernetes.io/docs/tasks/tls/managing-tls-in-a-cluster/
I was able to get past that issue by adding a postStart lifecycle hook:
command: ["/bin/sh", “-c”, " wget https://s3.amazonaws.com/rds-downloads/rds-combined-ca-bundle.pem; cp rds-combined-ca-bundle.pem /usr/local/share/ca-certificates/; update-ca-certificates"]
I’m now however running into this issue:
“message”: “Command createIndexes failed: namespace name generated from index name is too long.”
The driver auto generates the names for indices based on the properties. Seems that DocumentDB does not like some of these names. So I guess I have to make a few adjustments to get it working with DocumentDB.
Sorry, when I closed the topic I thought DocumentDB=CosmosDB
Do you know how to open a connection to my DocumentDB instance from my local dev machine?
You can’t directly assign a public IP to DocumentDB, but you do have a couple of options:
- Create a dev machine in AWS
- Put DocumentDB behind an ALB (In theory should work, haven’t tested)
- Setup an SSH tunnel with a bastion host you have in AWS that does have internet access.
I am trying Option #3 but it just cannot connect without further details.
I installed mongo shell on my EC2 instance but even from there I cannot connect.
I got it working and the first tests look good.
Please give it a try.
I’ll be able to give this a try on Tuesday and let you know.