In this tutorial, you will learn how to install MongoDB with support for the latest version of OpenSSL on the Fedora Linux operating system.
If you already have it installed, this tutorial will help you fix the mongosh OpenSSL configuration error.
To follow along, you will need a terminal with root access and an internet connection to download the packages.
Here’s what we’ll cover:
The Core of the Problem
If you visit the official MongoDB documentation and look for instructions on how to install it on the Fedora Workstation OS, you won’t find anything. But you can find instructions on how to install it on the Red Hat Enterprise Linux OS.
“The Fedora project is the upstream, community distro of Red Hat® Enterprise Linux.” (Source: Red Hat)
In other words, Fedora and Red Hat Enterprise Linux are very similar.
“The primary difference between community and enterprise distros is who decides what’s important to users. A community distro’s direction is set by contributors, who choose and maintain packages from the wide variety of open source options. The direction of an enterprise distro is set by a vendor, based on the needs of their customers.” (Source: Red Hat)
Now, you may think that you can install MongoDB on Fedora by following the tutorial for installing it on Red Hat. By the way, thattutorial is available at Install MongoDB Community Edition on Red Hat or CentOS.
The problem is that it will not work – and to prove that, I will try to install it and show you what happens.
Note: I use the Node.js MongoDB Driver which, at the time I am writing this article, does not support the current MongoDB version (7.0). So I will try to install its previous version (6.0).
The required steps to install MongoDB on Fedora are as follows:
- Configure the package management system
- Install the MongoDB packages
To perform the first step, open your terminal, get root access, and type the following:
# touch /etc/yum.repos.d/mongodb-org-6.0.repo
Now, open the file using your preferred text editor (I am using the Gnome Text Editor, because it’s shipped with Fedora):
# gnome-text-editor /etc/yum.repos.d/mongodb-org-6.0.repo
And paste in these lines:
[mongodb-org-6.0]
name=MongoDB Repository
baseurl=https://repo.mongodb.org/yum/redhat/$releasever/mongodb-org/6.0/x86_64/
gpgcheck=1
enabled=1
gpgkey=https://www.mongodb.org/static/pgp/server-6.0.asc
Save the file and close it.
The second step can be performed by running the following command:
# dnf install -y mongodb-org
After running the command you will get an error similar to this:
Fedora 39 - x86_64 - Updates 34 kB/s | 46 kB 00:01
MongoDB Repository 63 B/s | 391 B 00:06
Errors during downloading metadata for repository 'mongodb-org-6.0':
- Status code: 404 for https://repo.mongodb.org/yum/redhat/39/mongodb-org/6.0/x86_64/repodata/repomd.xml (IP: 65.8.214.17)
Error: Failed to download metadata for repo 'mongodb-org-6.0': Cannot download repomd.xml: Cannot download repodata/repomd.xml: All mirrors were tried
Ignoring repositories: mongodb-org-6.0
Last metadata expiration check: 0:00:02 ago on Thu 30 Nov 2023 09:15:21 AM -03.
No match for argument: mongodb-org
Error: Unable to find a match: mongodb-org
This is a 404
error, which means you need to change the baseurl
of the file that configures the repo.
If you try to open the baseurl
in your browser you will get a 404
error as well:
This is the core of the problem.
Workaround for Installing MongoDB
You can infer that in order to fix the problem you need to change the value assigned to the baseurl
. The question becomes: what is the URL that leads to the page containing the packages?
The answers is offered by the official MongoDB documentation:
“You can also download the
.rpm
files directly from the MongoDB repository. Downloads are organized by Red Hat / CentOS version (e.g.7
), then MongoDB release version (e.g.6.0
), then architecture (e.g.x86_64
).” (Source: MongoDB)
Now, visiting the MongoDB repository will take you to this page:
From here I navigated to the proper repo, selecting my preferred MongoDB version and system architecture. You should do the same.
I ended up with the following URL:
https://repo.mongodb.org/yum/redhat/9Server/mongodb-org/6.0/x86_64/RPMS/
This URL leads to the repo where the packages of MongoDB 6.0 can be found for systems based on an x86_64 architecture.
This is what I found there:
After being sure the packages could be found, I updated the file that configures the repo. But the baseurl
should point to the parent of RPMS
directory, which resulted in the following URL:
https://repo.mongodb.org/yum/redhat/9Server/mongodb-org/6.0/x86_64/
I ran:
# gnome-text-editor /etc/yum.repos.d/mongodb-org-6.0.repo
Updated the baseurl
:
[mongodb-org-6.0]
name=MongoDB Repository
baseurl=https://repo.mongodb.org/yum/redhat/9Server/mongodb-org/6.0/x86_64/
gpgcheck=1
enabled=1
gpgkey=https://www.mongodb.org/static/pgp/server-6.0.asc
And installed the packages:
# dnf install -y mongodb-org
These are the packages that that were installed:
Installed:
mongodb-database-tools-100.9.3-1.x86_64
mongodb-mongosh-2.1.0-1.el8.x86_64
mongodb-org-6.0.12-1.el9.x86_64
mongodb-org-database-6.0.12-1.el9.x86_64
mongodb-org-database-tools-extra-6.0.12-1.el9.x86_64
mongodb-org-mongos-6.0.12-1.el9.x86_64
mongodb-org-server-6.0.12-1.el9.x86_64
mongodb-org-tools-6.0.12-1.el9.x86_64
openssl-1:3.1.1-4.fc39.x86_64
Understanding the Mongosh OpenSSL Error
To confirm the installation of the database server, run this command:
# mongod --version
You will get a message similar to this:
db version v6.0.12
Build Info: {
"version": "6.0.12",
"gitVersion": "21e6e8e11a45dfbdb7ca6cf95fa8c5f859e2b118",
"openSSLVersion": "OpenSSL 3.1.1 30 May 2023",
"modules": [],
"allocator": "tcmalloc",
"environment": {
"distmod": "rhel90",
"distarch": "x86_64",
"target_arch": "x86_64"
}
}
To confirm the installation of the shell, run this command:
# mongosh --version
And this is the message you will get:
mongosh: OpenSSL configuration error:
00899523A67F0000:error:030000A9:digital envelope routines:alg_module_init:unknown option:../deps/openssl/openssl/crypto/evp/evp_cnf.c:61:name=rh-allow-sha1-signatures, value=yes
Oops! There was an error.
I checked the installed OpenSSL version by running this command:
# openssl version
And got this result:
OpenSSL 3.1.1 30 May 2023 (Library: OpenSSL 3.1.1 30 May 2023)
With that, I discarded a possible mismatch between the installed and the required OpenSSL versions.
After some research, I discovered that:
“There are two new PPA packages created from the mongosh source: In addition to mongodb-mongosh, mongodb-mongosh-shared-openssl11 and mongodb-mongosh-shared-openssl3 are also provided. These link against a system-installed dynamic OpenSSL library.” (Source: MongoDB Jira)
When I looked at the packages that were installed, I saw the mongodb-mongosh package. So I knew I need to replace it with the mongodb-mongosh-shared-openssl3.
By the way,
“The package name denotes that it’s the cut of mongosh compiled against openssl3.” ― Jack Woehr
Now that we understand the problem, let’s fix it.
Workaround for Fixing the Error on Existing MongoDB Installations
If you already have MongoDB installed, these are the steps required to fix the problem:
- Stop MongoDB
- Remove the mongodb-org package
- Remove the mongodb-mongosh package
- Install the mongodb-mongosh-shared-openssl3 package
- Enable MongoDB
You have to perform these steps in the correct order. If you try to install the mongodb-mongosh-shared-openssl3 package without uninstalling the mongodb-mongosh package first, you will get a conflict error:
Error: Transaction test error:
file /usr/bin/mongosh from install of mongodb-mongosh-shared-openssl3-2.1.0-1.el8.x86_64 conflicts with file from package mongodb-mongosh-2.1.0-1.el8.x86_64
If you try to uninstall the mongodb-mongosh package without uninstalling the mongodb-org package first, you will get a dependency error:
error: Failed dependencies:
mongodb-mongosh is needed by (installed) mongodb-org-6.0.12-1.el9.x86_64
To stop MongoDB, run this command:
# systemctl stop mongod
Note: The command will output nothing if everything goes well.
To remove the mongodb-org and the mongodb-mongosh packages, run:
# rpm -e mongodb-org mongodb-mongosh
Note: I am not using the dnf
command as it would remove mongodb-org and all of its dependencies.
You can also confirm that only the two packages were removed by running:
# rpm -qa | grep mongodb-*
The output should be:
mongodb-org-database-tools-extra-6.0.12-1.el9.x86_64
mongodb-database-tools-100.9.3-1.x86_64
mongodb-org-tools-6.0.12-1.el9.x86_64
mongodb-org-server-6.0.12-1.el9.x86_64
mongodb-org-mongos-6.0.12-1.el9.x86_64
mongodb-org-database-6.0.12-1.el9.x86_64
To install the mongodb-org and the mongodb-mongosh-shared-openssl3 packages, run:
# dnf install -y mongodb-org mongodb-mongosh-shared-openssl3
Finally, to start MongoDB with your operating system, run:
# systemctl start mongod
If you want to be sure the workaround worked, run:
# mongod --version
And then this:
# mongosh --version
Now, if you are concerned about destroying data, know that logs and databases will only be removed if you run the following commands:
# rm -r /var/log/mongodb
And this:
# rm -r /var/lib/mongo
One more thing: if you run mongosh
and get the following error:
MongoNetworkError: connect ECONNREFUSED 127.0.0.1:27017
restart your machine. It will solve the problem.
How to Install MongoDB with OpenSSL 3 Support From Scratch
If you are installing MongoDB for the first time, you only have to perform two steps:
- Configure the package management system
- Install the MongoDB packages specifying them individually
You can perform the first step by following what I did on the The Core of the Problem and Workaround for Installing MongoDB sections of this article.
However, to install the right packages you should replace this command:
# dnf install -y mongodb-org
with this one:
# dnf install -y mongodb-org mongodb-mongosh-shared-openssl3 openssl mongodb-org-database-tools-extra mongodb-database-tools mongodb-org-tools mongodb-org-server mongodb-org-mongos mongodb-org-database
You can confirm that all packages have been installed by running:
# rpm -qa | grep mongodb-*
Which should output something similar to this:
mongodb-org-database-tools-extra-6.0.12-1.el9.x86_64
mongodb-database-tools-100.9.3-1.x86_64
mongodb-org-tools-6.0.12-1.el9.x86_64
mongodb-org-server-6.0.12-1.el9.x86_64
mongodb-org-mongos-6.0.12-1.el9.x86_64
mongodb-org-database-6.0.12-1.el9.x86_64
mongodb-mongosh-shared-openssl3-2.1.0-1.el8.x86_64
mongodb-org-6.0.12-1.el9.x86_64
Keep in mind that the previous command will only output mongodb-related packages. To confirm OpenSSL installation, run:
# openssl version
You should get something like this:
OpenSSL 3.1.1 30 May 2023 (Library: OpenSSL 3.1.1 30 May 2023)
The packages will be updated with your system as you can see in the screenshot below.
Conclusion
Package updates are important, because they bring in new functionality and/or increase applications security. But they can also cause headaches when they case errors like the one we dealt with in this article.
Although you might be tempted to roll back the update to get rid of the problem, don’t do that. Try to solve it instead.
Paying attention to error messages, reading official documentation, and researching the Web will most likely be enough for solving the majority of the problems you come across.
Besides, knowing how different commands affect the way packages are installed/uninstalled on your operating system can salve you time and data (if you are on a metered connection).
If this article was useful to you, bookmark it and share it with your friends. You can can also follow me on Twitter.
See you in the next one!