.TH "MONGOD" "1" "March 14, 2013" "2.2.3" "mongodb-manual" .SH NAME mongod \- MongoDB Server . .nr rst2man-indent-level 0 . .de1 rstReportMargin \\$1 \\n[an-margin] level \\n[rst2man-indent-level] level margin: \\n[rst2man-indent\\n[rst2man-indent-level]] - \\n[rst2man-indent0] \\n[rst2man-indent1] \\n[rst2man-indent2] .. .de1 INDENT .\" .rstReportMargin pre: . RS \\$1 . nr rst2man-indent\\n[rst2man-indent-level] \\n[an-margin] . nr rst2man-indent-level +1 .\" .rstReportMargin post: .. .de UNINDENT . RE .\" indent \\n[an-margin] .\" old: \\n[rst2man-indent\\n[rst2man-indent-level]] .nr rst2man-indent-level -1 .\" new: \\n[rst2man-indent\\n[rst2man-indent-level]] .in \\n[rst2man-indent\\n[rst2man-indent-level]]u .. .\" Man page generated from reStructuredText. . .SH SYNOPSIS .sp \fI\%mongod\fP is the primary daemon process for the MongoDB system. It handles data requests, manages data format, and performs background management operations. .sp This document provides a complete overview of all command line options for \fI\%mongod\fP. These options are primarily useful for testing purposes. In common operation, use the \fBconfiguration file options\fP to control the behavior of your database, which is fully capable of all operations described below. .SH OPTIONS .INDENT 0.0 .TP .B mongod .UNINDENT .INDENT 0.0 .TP .B \-\-help, \-h Returns a basic help and usage text. .UNINDENT .INDENT 0.0 .TP .B \-\-version Returns the version of the \fI\%mongod\fP daemon. .UNINDENT .INDENT 0.0 .TP .B \-\-config , \-f Specifies a configuration file, that you can use to specify runtime\-configurations. While the options are equivalent and accessible via the other command line arguments, the configuration file is the preferred method for runtime configuration of mongod. See the "\fB/reference/configuration\-options\fP" document for more information about these options. .UNINDENT .INDENT 0.0 .TP .B \-\-verbose, \-v Increases the amount of internal reporting returned on standard output or in the log file specified by \fI\%--logpath\fP. Use the \fB\-v\fP form to control the level of verbosity by including the option multiple times, (e.g. \fB\-vvvvv\fP.) .UNINDENT .INDENT 0.0 .TP .B \-\-quiet Runs the \fI\%mongod\fP instance in a quiet mode that attempts to limit the amount of output. This option suppresses: .INDENT 7.0 .IP \(bu 2 output from \fIdatabase commands\fP, including \fBdrop\fP, \fBdropIndexes\fP, \fBdiagLogging\fP, \fBvalidate\fP, and \fBclean\fP. .IP \(bu 2 replication activity. .IP \(bu 2 connection accepted events. .IP \(bu 2 connection closed events. .UNINDENT .UNINDENT .INDENT 0.0 .TP .B \-\-port Specifies a TCP port for the \fI\%mongod\fP to listen for client connections. By default \fI\%mongod\fP listens for connections on port 27017. .sp UNIX\-like systems require root privileges to use ports with numbers lower than 1024. .UNINDENT .INDENT 0.0 .TP .B \-\-bind_ip The IP address that the \fI\%mongod\fP process will bind to and listen for connections. By default \fI\%mongod\fP listens for connections on the localhost (i.e. \fB127.0.0.1\fP address.) You may attach \fI\%mongod\fP to any interface; however, if you attach \fI\%mongod\fP to a publicly accessible interface ensure that you have implemented proper authentication and/or firewall restrictions to protect the integrity of your database. .UNINDENT .INDENT 0.0 .TP .B \-\-maxConns Specifies the maximum number of simultaneous connections that \fI\%mongod\fP will accept. This setting will have no effect if it is higher than your operating system\(aqs configured maximum connection tracking threshold. .IP Note You cannot set \fBmaxConns\fP to a value higher than \fI20000\fP. .RE .UNINDENT .INDENT 0.0 .TP .B \-\-objcheck Forces the \fI\%mongod\fP to validate all requests from clients upon receipt to ensure that clients never insert invalid documents into the database. For objects with a high degree of sub\-document nesting, \fI\%--objcheck\fP can have a small impact on performance. You can set \fI\%--noobjcheck\fP to disable object checking at run\-time. .sp Changed in version 2.4: MongoDB enables \fI\%--objcheck\fP by default, to prevent any client from inserting malformed or invalid BSON into a MongoDB database. .UNINDENT .INDENT 0.0 .TP .B \-\-noobjcheck New in version 2.4. .sp Disables the default document validation that MongoDB performs on all incoming BSON documents. .UNINDENT .INDENT 0.0 .TP .B \-\-logpath Specify a path for the log file that will hold all diagnostic logging information. .sp Unless specified, \fI\%mongod\fP will output all log information to the standard output. Additionally, unless you also specify \fI\%--logappend\fP, the logfile will be overwritten when the process restarts. .IP Note The behavior of the logging system may change in the near future in response to the \fI\%SERVER-4499\fP case. .RE .UNINDENT .INDENT 0.0 .TP .B \-\-logappend When specified, this option ensures that \fI\%mongod\fP appends new entries to the end of the logfile rather than overwriting the content of the log when the process restarts. .UNINDENT .INDENT 0.0 .TP .B \-\-syslog New in version 2.1.0. .sp Sends all logging output to the host\(aqs \fIsyslog\fP system rather than to standard output or a log file as with \fI\%--logpath\fP. .IP Warning You cannot use \fI\%--syslog\fP with \fI\%--logpath\fP. .RE .UNINDENT .INDENT 0.0 .TP .B \-\-pidfilepath Specify a file location to hold the "\fIPID\fP" or process ID of the \fI\%mongod\fP process. Useful for tracking the \fI\%mongod\fP process in combination with the \fI\%mongod --fork\fP option. .sp Without a specified \fI\%--pidfilepath\fP option, \fBmongos\fP creates no PID file. .UNINDENT .INDENT 0.0 .TP .B \-\-keyFile Specify the path to a key file to store authentication information. This option is only useful for the connection between replica set members. .IP "See also" .sp "\fIReplica Set Security\fP" and "\fB/administration/replica\-sets\fP." .RE .UNINDENT .INDENT 0.0 .TP .B \-\-nounixsocket Disables listening on the UNIX socket. Unless set to false, \fI\%mongod\fP and \fBmongos\fP provide a UNIX\-socket. .UNINDENT .INDENT 0.0 .TP .B \-\-unixSocketPrefix Specifies a path for the UNIX socket. Unless this option has a value, \fI\%mongod\fP and \fBmongos\fP, create a socket with the \fB/tmp\fP as a prefix. .UNINDENT .INDENT 0.0 .TP .B \-\-fork Enables a \fIdaemon\fP mode for \fI\%mongod\fP that runs the process to the background. This is the normal mode of operation, in production and production\-like environments, but may \fInot\fP be desirable for testing. .UNINDENT .INDENT 0.0 .TP .B \-\-auth Enables database authentication for users connecting from remote hosts. configure users via the \fBmongo shell shell\fP. If no users exist, the localhost interface will continue to have access to the database until the you create the first user. .sp See the \fBSecurity and Authentication\fP page for more information regarding this functionality. .UNINDENT .INDENT 0.0 .TP .B \-\-cpu Forces \fI\%mongod\fP to report the percentage of CPU time in write lock. \fI\%mongod\fP generates output every four seconds. MongoDB writes this data to standard output or the logfile if using the \fBlogpath\fP option. .UNINDENT .INDENT 0.0 .TP .B \-\-dbpath Specify a directory for the \fI\%mongod\fP instance to store its data. Typical locations include: \fB/srv/mongodb\fP, \fB/var/lib/mongodb\fP or \fB/opt/mongodb\fP .sp Unless specified, \fI\%mongod\fP will look for data files in the default \fB/data/db\fP directory. (Windows systems use the \fB\edata\edb\fP directory.) If you installed using a package management system. Check the \fB/etc/mongodb.conf\fP file provided by your packages to see the configuration of the \fBdbpath\fP. .UNINDENT .INDENT 0.0 .TP .B \-\-diaglog Creates a very verbose, \fIdiagnostic log\fP for troubleshooting and recording various errors. MongoDB writes these log files in the \fBdbpath\fP directory in a series of files that begin with the string \fBdiaglog\fP and end with the initiation time of the logging as a hex string. .sp The specified value configures the level of verbosity. Possible values, and their impact are as follows. .TS center; |l|l|. _ T{ \fBValue\fP T} T{ \fBSetting\fP T} _ T{ 0 T} T{ off. No logging. T} _ T{ 1 T} T{ Log write operations. T} _ T{ 2 T} T{ Log read operations. T} _ T{ 3 T} T{ Log both read and write operations. T} _ T{ 7 T} T{ Log write and some read operations. T} _ .TE .sp You can use the \fBmongosniff\fP tool to replay this output for investigation. Given a typical diaglog file, located at \fB/data/db/diaglog.4f76a58c\fP, you might use a command in the following form to read these files: .sp .nf .ft C mongosniff \-\-source DIAGLOG /data/db/diaglog.4f76a58c .ft P .fi .sp \fI\%--diaglog\fP is for internal use and not intended for most users. .IP Warning Setting the diagnostic level to \fB0\fP will cause \fI\%mongod\fP to stop writing data to the \fIdiagnostic log\fP file. However, the \fI\%mongod\fP instance will continue to keep the file open, even if it is no longer writing data to the file. If you want to rename, move, or delete the diagnostic log you must cleanly shut down the \fI\%mongod\fP instance before doing so. .RE .UNINDENT .INDENT 0.0 .TP .B \-\-directoryperdb Alters the storage pattern of the data directory to store each database\(aqs files in a distinct folder. This option will create directories within the \fI\%--dbpath\fP named for each directory. .sp Use this option in conjunction with your file system and device configuration so that MongoDB will store data on a number of distinct disk devices to increase write throughput or disk capacity. .UNINDENT .INDENT 0.0 .TP .B \-\-journal Enables operation journaling to ensure write durability and data consistency. \fI\%mongod\fP enables journaling by default on 64\-bit builds of versions after 2.0. .UNINDENT .INDENT 0.0 .TP .B \-\-journalOptions Provides functionality for testing. Not for general use, and may affect database integrity. .UNINDENT .INDENT 0.0 .TP .B \-\-journalCommitInterval Specifies the maximum amount of time for \fI\%mongod\fP to allow between journal operations. The default value is 100 milliseconds, while possible values range from 2 to 300 milliseconds. Lower values increase the durability of the journal, at the expense of disk performance. .sp To force \fI\%mongod\fP to commit to the journal more frequently, you can specify \fBj:true\fP. When a write operation with \fBj:true\fP pending, \fI\%mongod\fP will reduce \fBjournalCommitInterval\fP to a third of the set value. .UNINDENT .INDENT 0.0 .TP .B \-\-ipv6 Specify this option to enable IPv6 support. This will allow clients to connect to \fI\%mongod\fP using IPv6 networks. \fI\%mongod\fP disables IPv6 support by default in \fI\%mongod\fP and all utilities. .UNINDENT .INDENT 0.0 .TP .B \-\-jsonp Permits \fIJSONP\fP access via an HTTP interface. Consider the security implications of allowing this activity before enabling this option. .UNINDENT .INDENT 0.0 .TP .B \-\-noauth Disable authentication. Currently the default. Exists for future compatibility and clarity. .UNINDENT .INDENT 0.0 .TP .B \-\-nohttpinterface Disables the HTTP interface. .UNINDENT .INDENT 0.0 .TP .B \-\-nojournal Disables the durability journaling. By default, \fI\%mongod\fP enables journaling in 64\-bit versions after v2.0. .UNINDENT .INDENT 0.0 .TP .B \-\-noprealloc Disables the preallocation of data files. This will shorten the start up time in some cases, but can cause significant performance penalties during normal operations. .UNINDENT .INDENT 0.0 .TP .B \-\-noscripting Disables the scripting engine. .UNINDENT .INDENT 0.0 .TP .B \-\-notablescan Forbids operations that require a table scan. .UNINDENT .INDENT 0.0 .TP .B \-\-nssize Specifies the default size for namespace files (i.e \fB.ns\fP). This option has no impact on the size of existing namespace files. The maximum size is 2047 megabytes. .sp The default value is 16 megabytes; this provides for approximately 24,000 namespaces. Each collection, as well as each index, counts as a namespace. .UNINDENT .INDENT 0.0 .TP .B \-\-profile Changes the level of database profiling, which inserts information about operation performance into output of \fI\%mongod\fP or the log file. The following levels are available: .TS center; |l|l|. _ T{ \fBLevel\fP T} T{ \fBSetting\fP T} _ T{ 0 T} T{ Off. No profiling. T} _ T{ 1 T} T{ On. Only includes slow operations. T} _ T{ 2 T} T{ On. Includes all operations. T} _ .TE .sp Profiling is off by default. Database profiling can impact database performance. Enable this option only after careful consideration. .UNINDENT .INDENT 0.0 .TP .B \-\-quota Enables a maximum limit for the number data files each database can have. When running with \fI\%--quota\fP, there are a maximum of 8 data files per database. Adjust the quota with the \fI\%--quotaFiles\fP option. .UNINDENT .INDENT 0.0 .TP .B \-\-quotaFiles Modify limit on the number of data files per database. This option requires the \fI\%--quota\fP setting. The default value for \fI\%--quotaFiles\fP is 8. .UNINDENT .INDENT 0.0 .TP .B \-\-rest Enables the simple \fIREST\fP API. .UNINDENT .INDENT 0.0 .TP .B \-\-repair Runs a repair routine on all databases. This is equivalent to shutting down and running the \fBrepairDatabase\fP database command on all databases. .IP Warning In general, if you have an intact copy of your data, such as would exist on a very recent backup or an intact member of a \fIreplica set\fP, \fBdo not\fP use \fBrepairDatabase\fP or related options like \fBdb.repairDatabase()\fP in the \fBmongo\fP shell or \fI\%mongod --repair\fP. Restore from an intact copy of your data. .RE .IP Note When using \fIjournaling\fP, there is almost never any need to run \fBrepairDatabase\fP. In the event of an unclean shutdown, the server will be able restore the data files to a pristine state automatically. .RE .sp Changed in version 2.1.2. .sp If you run the repair option \fIand\fP have data in a journal file, \fI\%mongod\fP will refuse to start. In these cases you should start \fI\%mongod\fP without the \fI\%--repair\fP option to allow \fI\%mongod\fP to recover data from the journal. This will complete more quickly and will result in a more consistent and complete data set. .sp To continue the repair operation despite the journal files, shut down \fI\%mongod\fP cleanly and restart with the \fI\%--repair\fP option. .IP Note \fI\%--repair\fP copies data from the source data files into new data files in the \fBrepairpath\fP, and then replaces the original data files with the repaired data files. \fIIf\fP \fBrepairpath\fP is on the same device as \fBdbpath\fP, you \fImay\fP interrupt a \fI\%mongod\fP running \fI\%--repair\fP without affecting the integrity of the data set. .RE .UNINDENT .INDENT 0.0 .TP .B \-\-repairpath Specifies the root directory containing MongoDB data files, to use for the \fI\%--repair\fP operation. Defaults to a \fB_tmp\fP directory within the \fBdbpath\fP. .UNINDENT .INDENT 0.0 .TP .B \-\-setParameter New in version 2.4. .sp Specifies an option to configure on startup. Specify multiple options with multiple \fI\%--setParameter\fP options. See \fB/reference/parameters\fP for full documentation of these parameters. The \fBsetParameter\fP database command provides access to many of these parameters. \fI\%--setParameter\fP supports the following options: .INDENT 7.0 .IP \(bu 2 \fBenableLocalhostAuthBypass\fP .IP \(bu 2 \fBenableTestCommands\fP .IP \(bu 2 \fBjournalCommitInterval\fP .IP \(bu 2 \fBlogLevel\fP .IP \(bu 2 \fBlogUserIds\fP .IP \(bu 2 \fBnotablescan\fP .IP \(bu 2 \fBquiet\fP .IP \(bu 2 \fBreplApplyBatchSize\fP .IP \(bu 2 \fBreplIndexPrefetch\fP .IP \(bu 2 \fBsupportCompatibilityFormPrivilegeDocuments\fP .IP \(bu 2 \fBsyncdelay\fP .IP \(bu 2 \fBtraceExceptions\fP .UNINDENT .UNINDENT .INDENT 0.0 .TP .B \-\-slowms Defines the value of "slow," for the \fI\%--profile\fP option. The database logs all slow queries to the log, even when the profiler is not turned on. When the database profiler is on, \fI\%mongod\fP the profiler writes to the \fBsystem.profile\fP collection. See the \fBprofile\fP command for more information on the database profiler. .UNINDENT .INDENT 0.0 .TP .B \-\-smallfiles Enables a mode where MongoDB uses a smaller default file size. Specifically, \fI\%--smallfiles\fP reduces the initial size for data files and limits them to 512 megabytes. \fI\%--smallfiles\fP also reduces the size of each \fIjournal\fP files from 1 gigabyte to 128 megabytes. .sp Use \fI\%--smallfiles\fP if you have a large number of databases that each holds a small quantity of data. \fI\%--smallfiles\fP can lead your \fI\%mongod\fP to create a large number of files, which may affect performance for larger databases. .UNINDENT .INDENT 0.0 .TP .B \-\-shutdown Used in \fIcontrol scripts\fP, the \fI\%--shutdown\fP will cleanly and safely terminate the \fI\%mongod\fP process. When invoking \fI\%mongod\fP with this option you must set the \fI\%--dbpath\fP option either directly or by way of the \fBconfiguration file\fP and the \fI\%--config\fP option. .sp \fI\%--shutdown\fP is only available on Linux systems. .UNINDENT .INDENT 0.0 .TP .B \-\-syncdelay \fI\%mongod\fP writes data very quickly to the journal, and lazily to the data files. \fI\%--syncdelay\fP controls how much time can pass before MongoDB flushes data to the \fIdatabase files\fP via an \fIfsync\fP operation. The default setting is 60 seconds. In almost every situation you should not set this value and use the default setting. .sp The \fBserverStatus\fP command reports the background flush thread\(aqs status via the \fBbackgroundFlushing\fP field. .sp \fBsyncdelay\fP has no effect on the \fBjournal\fP files or \fBjournaling\fP. .IP Warning If you set \fI\%--syncdelay\fP to \fB0\fP, MongoDB will not sync the memory mapped files to disk. Do not set this value on production systems. .RE .UNINDENT .INDENT 0.0 .TP .B \-\-sysinfo Returns diagnostic system information and then exits. The information provides the page size, the number of physical pages, and the number of available physical pages. .UNINDENT .INDENT 0.0 .TP .B \-\-upgrade Upgrades the on\-disk data format of the files specified by the \fI\%--dbpath\fP to the latest version, if needed. .sp This option only affects the operation of \fI\%mongod\fP if the data files are in an old format. .IP Note In most cases you should \fBnot\fP set this value, so you can exercise the most control over your upgrade process. See the MongoDB \fI\%release notes\fP (on the download page) for more information about the upgrade process. .RE .UNINDENT .INDENT 0.0 .TP .B \-\-traceExceptions For internal diagnostic use only. .UNINDENT .SS Replication Options .INDENT 0.0 .TP .B \-\-replSet Use this option to configure replication with replica sets. Specify a setname as an argument to this set. All hosts must have the same set name. .IP "See also" .sp "\fB/replication\fP," "\fB/administration/replica\-sets\fP," and "\fB/reference/replica\-configuration\fP" .RE .UNINDENT .INDENT 0.0 .TP .B \-\-oplogSize Specifies a maximum size in megabytes for the replication operation log (e.g. \fIoplog\fP.) By \fI\%mongod\fP creates an \fIoplog\fP based on the maximum amount of space available. For 64\-bit systems, the op log is typically 5% of available disk space. .sp Once the \fI\%mongod\fP has created the oplog for the first time, changing \fI\%--oplogSize\fP will not affect the size of the oplog. .UNINDENT .INDENT 0.0 .TP .B \-\-fastsync In the context of \fIreplica set\fP replication, set this option if you have seeded this member with a snapshot of the \fIdbpath\fP of another member of the set. Otherwise the \fI\%mongod\fP will attempt to perform an initial sync, as though the member were a new member. .IP Warning If the data is not perfectly synchronized \fIand\fP \fI\%mongod\fP starts with \fBfastsync\fP, then the secondary or slave will be permanently out of sync with the primary, which may cause significant consistency problems. .RE .UNINDENT .INDENT 0.0 .TP .B \-\-replIndexPrefetch New in version 2.2. .sp You must use \fI\%--replIndexPrefetch\fP in conjunction with \fBreplSet\fP. The default value is \fBall\fP and available options are: .INDENT 7.0 .IP \(bu 2 \fBnone\fP .IP \(bu 2 \fBall\fP .IP \(bu 2 \fB_id_only\fP .UNINDENT .sp By default \fIsecondary\fP members of a \fIreplica set\fP will load all indexes related to an operation into memory before applying operations from the oplog. You can modify this behavior so that the secondaries will only load the \fB_id\fP index. Specify \fB_id_only\fP or \fBnone\fP to prevent the \fI\%mongod\fP from loading \fIany\fP index into memory. .UNINDENT .SS Master\-Slave Replication .sp These options provide access to conventional master\-slave database replication. While this functionality remains accessible in MongoDB, replica sets are the preferred configuration for database replication. .INDENT 0.0 .TP .B \-\-master Configures \fI\%mongod\fP to run as a replication \fImaster\fP. .UNINDENT .INDENT 0.0 .TP .B \-\-slave Configures \fI\%mongod\fP to run as a replication \fIslave\fP. .UNINDENT .INDENT 0.0 .TP .B \-\-source <:port> For use with the \fI\%--slave\fP option, the \fB\-\-source\fP option designates the server that this instance will replicate. .UNINDENT .INDENT 0.0 .TP .B \-\-only For use with the \fI\%--slave\fP option, the \fB\-\-only\fP option specifies only a single \fIdatabase\fP to replicate. .UNINDENT .INDENT 0.0 .TP .B \-\-slavedelay For use with the \fI\%--slave\fP option, the \fB\-\-slavedelay\fP option configures a "delay" in seconds, for this slave to wait to apply operations from the \fImaster\fP node. .UNINDENT .INDENT 0.0 .TP .B \-\-autoresync For use with the \fI\%--slave\fP option, the \fI\%--autoresync\fP option allows this slave to automatically resync if the local data is more than 10 seconds behind the master. This option may be problematic if the \fIoplog\fP is too small (controlled by the \fI\%--oplogSize\fP option.) If the \fIoplog\fP not large enough to store the difference in changes between the master\(aqs current state and the state of the slave, this node will forcibly resync itself unnecessarily. When you set the If the \fI\%--autoresync\fP option the slave will not attempt an automatic resync more than once in a ten minute period. .UNINDENT .SS Sharding Cluster Options .INDENT 0.0 .TP .B \-\-configsvr Declares that this \fI\%mongod\fP instance serves as the \fIconfig database\fP of a sharded cluster. When running with this option, clients will not be able to write data to any database other than \fBconfig\fP and \fBadmin\fP. The default port for \fI\%mongod\fP with this option is \fB27019\fP and \fI\%mongod\fP writes all data files to the \fB/configdb\fP sub\-directory of the \fI\%--dbpath\fP directory. .UNINDENT .INDENT 0.0 .TP .B \-\-shardsvr Configures this \fI\%mongod\fP instance as a shard in a partitioned cluster. The default port for these instances is \fB27018\fP. The only effect of \fI\%--shardsvr\fP is to change the port number. .UNINDENT .INDENT 0.0 .TP .B \-\-noMoveParanoia Disables a "paranoid mode" for data writes for chunk migration operation. See the \fIchunk migration\fP and \fBmoveChunk\fP command documentation for more information. .sp By default \fI\%mongod\fP will save copies of migrated chunks on the "from" server during migrations as "paranoid mode." Setting this option disables this paranoia. .UNINDENT .SS SSL Options .IP "See" .sp \fB/administration/ssl\fP for full documentation of MongoDB\(aqs support. .RE .INDENT 0.0 .TP .B \-\-sslOnNormalPorts New in version 2.2. .IP Note The \fI\%default distribution of MongoDB\fP does \fBnot\fP contain support for SSL. To use SSL you can either compile MongoDB with SSL support or use the MongoDB Subscriber Edition. See \fB/administration/ssl\fP for more information about SSL and MongoDB. .RE .sp Enables SSL for \fI\%mongod\fP. With \fI\%--sslOnNormalPorts\fP, a \fI\%mongod\fP requires SSL encryption for all connections on the default MongoDB port, or the port specified by \fI\%--port\fP. By default, \fI\%--sslOnNormalPorts\fP is disabled. .UNINDENT .INDENT 0.0 .TP .B \-\-sslPEMKeyFile New in version 2.2. .IP Note The \fI\%default distribution of MongoDB\fP does \fBnot\fP contain support for SSL. To use SSL you can either compile MongoDB with SSL support or use the MongoDB Subscriber Edition. See \fB/administration/ssl\fP for more information about SSL and MongoDB. .RE .sp Specifies the \fB.pem\fP file that contains both the SSL certificate and key. Specify the file name of the \fB.pem\fP file using relative or absolute paths .sp When using \fI\%--sslOnNormalPorts\fP, you must specify \fI\%--sslPEMKeyFile\fP. .UNINDENT .INDENT 0.0 .TP .B \-\-sslPEMKeyPassword New in version 2.2. .IP Note The \fI\%default distribution of MongoDB\fP does \fBnot\fP contain support for SSL. To use SSL you can either compile MongoDB with SSL support or use the MongoDB Subscriber Edition. See \fB/administration/ssl\fP for more information about SSL and MongoDB. .RE .sp Specifies the password to de\-crypt the certificate\-key file (i.e. \fI\%--sslPEMKeyFile\fP). Only use \fI\%--sslPEMKeyPassword\fP if the certificate\-key file is encrypted. In all cases, \fI\%mongod\fP will redact the password from all logging and reporting output. .sp Changed in version 2.4: \fI\%--sslPEMKeyPassword\fP is only needed when the private key is encrypted. In earlier versions \fI\%mongod\fP would require \fI\%--sslPEMKeyPassword\fP whenever using \fI\%--sslOnNormalPorts\fP, even when the private key was not encrypted. .UNINDENT .INDENT 0.0 .TP .B \-\-sslCAFile New in version 2.4. .IP Note The \fI\%default distribution of MongoDB\fP does \fBnot\fP contain support for SSL. To use SSL you can either compile MongoDB with SSL support or use the MongoDB Subscriber Edition. See \fB/administration/ssl\fP for more information about SSL and MongoDB. .RE .sp Specifies the \fB.pem\fP file that contains the root certificate chain from the Certificate Authority. Specify the file name of the \fB.pem\fP file using relative or absolute paths .UNINDENT .INDENT 0.0 .TP .B \-\-sslCRLFile New in version 2.4. .IP Note The \fI\%default distribution of MongoDB\fP does \fBnot\fP contain support for SSL. To use SSL you can either compile MongoDB with SSL support or use the MongoDB Subscriber Edition. See \fB/administration/ssl\fP for more information about SSL and MongoDB. .RE .sp Specifies the \fB.pem\fP file that contains the Certificate Revocation List. Specify the file name of the \fB.pem\fP file using relative or absolute paths .UNINDENT .INDENT 0.0 .TP .B \-\-sslWeakCertificateValidation New in version 2.4. .IP Note The \fI\%default distribution of MongoDB\fP does \fBnot\fP contain support for SSL. To use SSL you can either compile MongoDB with SSL support or use the MongoDB Subscriber Edition. See \fB/administration/ssl\fP for more information about SSL and MongoDB. .RE .sp Disables the requirement for SSL certificate validation, that \fI\%--sslCAFile\fP enables. With \fI\%--sslWeakCertificateValidation\fP, \fI\%mongod\fP will accept connections if the client does not present a certificate when establishing the connection. .sp If the client presents a certificate and \fI\%mongod\fP has \fI\%--sslWeakCertificateValidation\fP enabled, \fI\%mongod\fP will validate the certificate using the root certificate chain specified by \fI\%--sslCAFile\fP, and reject clients with invalid certificates. .sp Use \fI\%--sslWeakCertificateValidation\fP if you have a mixed deployment that includes clients that do not or cannot present certificates to \fI\%mongod\fP. .UNINDENT .INDENT 0.0 .TP .B \-\-sslFIPSMode New in version 2.4. .IP Note The \fI\%default distribution of MongoDB\fP does \fBnot\fP contain support for SSL. To use SSL you can either compile MongoDB with SSL support or use the MongoDB Subscriber Edition. See \fB/administration/ssl\fP for more information about SSL and MongoDB. .RE .sp When specified, \fI\%mongod\fP will use the FIPS mode of the installed OpenSSL library. Your system must have a FIPS compliant OpenSSL library to use \fI\%--sslFIPSMode\fP. .UNINDENT .SH USAGE .sp In common usage, the invocation of \fI\%mongod\fP will resemble the following in the context of an initialization or control script: .sp .nf .ft C mongod \-\-config /etc/mongodb.conf .ft P .fi .sp See the "\fB/reference/configuration\-options\fP" for more information on how to configure \fI\%mongod\fP using the configuration file. .SH AUTHOR MongoDB Documentation Project .SH COPYRIGHT 2011-2013, 10gen, Inc. .\" Generated by docutils manpage writer. .