MongoDB – Bring Your Own SSL Certificates

We’re happy to announce that you can now bring your own SSL certificates to configure on your MongoDB clusters.  This enables you to have end-to-end control over the SSL infrastructure of your application setup.

  1. Download Certificates

    Obtain wildcard certificates for a relevant subdomain of your domain namespace. E.g. * (If you have a single cert that supports multiple CNAME’s that will work as well).

  2. Setup CNAME’s

    Setup CNAME’s for each of your servers. E.g. If you have a three node replica set named ‘testcluster’: => => =>


  3. Configure Certificates in ScaleGrid UI

    In the ScaleGrid web console, select the ‘Update SSL’ option from the ‘Manage dropdown’:
    SSL bring your own certs

  4. Input the Private Key and the Public Key of your SSL Certs

    If necessary you can add the public certificates of your CA chain to the public key. This chain can then be accessed from the ‘Connection string’ dialog in the cluster details page.sslcertmodal

  5. Connect to your MongoDB Cluster:

    mongo -u <user> -p <password><db> --ssl --sslCAFile <path to cert chain>


If you have further questions, please feel free to reach out to us at [email protected]