Navigation

mongocli atlas security customerCerts create

The security customerCerts describe command saves a customer-managed X.509 configuration for a project. You can also save a customer-managed X.509 configuration for a project through the Atlas UI or API.

Important

Saving a customer-managed X.509 configuration triggers a rolling restart.

mongocli atlas security customerCerts|certs create
--casFile <path/to/file.pem>
[ --output|-o <output-format> ]
[ --profile|-P <profile-name> ]
[ --projectId <project-ID> ]
Note

Use -h or --help to view the command-line help for this command.

Option
Type
Description
Required?
--casFile
string
The full path on your local system to the PEM-encoded Certificate Authority (CA) certificate or certificates that you want Atlas to use to authenticate database users.
yes
--output, -o
string

Command output format. Valid values are:

  • json for output in JSON format
  • go-template for custom output using the Go template
  • go-template-file for custom output specified using the Go template file

If omitted, the command returns output in the default format.

no
--profile, -P
string
Name of the profile where the public and private keys for the project are saved. If omitted, uses the default profile. To learn more about creating a profile, see Configure the MongoDB CLI.
no
--projectId
string

Unique identifier of the project. If omitted, uses the project ID in the profile or environment variable.

no

The command prints the following fields in the specified format to the terminal if the command succeeds. If the command prints an error, see Troubleshooting for recommended solutions.

Name
Type
Description
cas
string
PEM-encoded string containing one or more customer-managed CA certificates for database user authentication.

The following mongocli atlas security customerCerts create command saves a customer-managed X.509 configuration for a project. It uses the default profile to access the Atlas cluster.

mongocli atlas security customerCerts create --casFile path/to/ca.pem --output json --projectId 5e2211c17a3e5a48f5497de3

The command prints the following to the terminal. To learn more about these fields, see Output.

{
"cas": "-----BEGIN CERTIFICATE-----\nMIIEljCCAn4CCQDIOFwZ41mcVDANBgkqhkiG9w0BAQsFADANMQswCQYDVQQDDAJD...n9fAKZTI24VvEFW5dA21Ha3+JYli2JCqJV3s=\n-----END CERTIFICATE-----\n"
}
Give Feedback