Can't have both SSL enabled and a custom SocketFactory

[ddossot]

Using spring-boot 1.3.2.RELEASE and mongo-java-driver 3.2.1 and this code:

@Bean
public MongoClientOptions mongoClientOptions() {
    return MongoClientOptions.builder().sslEnabled(true).socketFactory(mySF).build();
}

• If spring.data.mongodb.uri has ssl=true, then SSL is activated in MongoClient but mySF is not used,
• if spring.data.mongodb.uri doesn't have ssl=true, then SSL is not activated in MongoClient but mySF is used.

This is because the logics in MongoProperties.createMongoClient and MongoClientOptions.Builder.sslEnabled fight each other:

• the sslEnabled(true) bit in my code above is basically a no-op because createMongoClient assumes that ssl=true option will be set in the URI, and thus doesn't try to carry the value set on the builder,
• the socketFactory(mySF) is a no-op if ssl=true in the URI because sslEnabled wipes out the value in the builder with a default SSLSocketFactory.

So I'm kind of stuck between a rock and a hard place 😅 Any suggestion would be appreciated.

[philwebb]

It looks like sslEnabled was added in Mongo 3.0 and we're currently building against mongo 2.13.x. I'm guessing we probably need to update the MongoProperties.builder() method to try and set properties via reflection.

For now, your best option is to probably take complete control of creating the Mongo @Bean so that our auto-configuration doesn't get involved.

[ddossot]

Thank you for the quick response and suggestion.

[snicoll]

When you set ssl=true (or ssl=false) in the URI, it will reset to SocketFactory and there is not much we can do about that. I've created JAVA-2229 to track this problem (maybe we're doing something wrong there though).

We're compiling against 3.x now so I'll make sure the second case works.

[jyemin]

I'm looking at JAVA-2229 and will suggest options. Currently I don't see a workaround, and so we'll need to do a release to address the issue.