Navigation

mongocli atlas security customerCerts create

On this page

The security customerCerts describe command saves a customer-managed X.509 configuration for a project. You can also save a customer-managed X.509 configuration for a project through the Atlas UI or API.

Important

Saving a customer-managed X.509 configuration triggers a rolling restart.

Syntax

mongocli atlas security customerCerts|certs create
       --casFile <path/to/file.pem>
     [ --output|-o <output-format> ]
     [ --profile|-P <profile-name> ]
     [ --projectId <project-ID> ]

Note

Use -h or --help to view the command-line help for this command.

Options

Option Type Description Required?
--casFile string The full path on your local system to the PEM-encoded Certificate Authority (CA) certificate or certificates that you want Atlas to use to authenticate database users. yes
--output, -o string

Command output format. Valid values are:

  • json for output in JSON format
  • go-template for custom output using the Go template
  • go-template-file for custom output specified using Go template file

If omitted, the command returns output in the default format.

no
--profile, -P string Name of the profile where the public and private keys for the project are saved. If omitted, uses the default profile. To learn more about creating a profile, see Configure the MongoDB CLI. no
--projectId string Unique identifier of the project for which you want to save a customer-managed X.509 configuration. If omitted, uses the project ID in the profile or environment variable. no

Output

The command prints the following fields in the specified format to the terminal if the command succeeds. If the command prints an error, see Troubleshooting for recommended solutions.

Name Type Description
cas string PEM-encoded string containing one or more customer-managed CA certificates for database user authentication.

Example

The following mongocli atlas security customerCerts create command saves a customer-managed X.509 configuration for a project. It uses the default profile to access the Atlas cluster.

mongocli atlas security customerCerts create --casFile path/to/ca.pem --output json --projectId 5e2211c17a3e5a48f5497de3

The command prints the following to the terminal. To learn more about these fields, see Output.

{
  "cas": "-----BEGIN CERTIFICATE-----\nMIIEljCCAn4CCQDIOFwZ41mcVDANBgkqhkiG9w0BAQsFADANMQswCQYDVQQDDAJD...n9fAKZTI24VvEFW5dA21Ha3+JYli2JCqJV3s=\n-----END CERTIFICATE-----\n"
}