MongoDB SSL Certificate Setup (Meteor)
Connect your Meteor app to MongoDB securely using an SSL certificate from Galaxy Database. Download the certificate, configure your settings, and deploy with encrypted connections.
SSL encrypts the connection between your Meteor app and MongoDB, protecting your data in transit. If you're using Galaxy Database, setting this up takes just a few minutes.
Time Required: About 5 minutes
What you'll need: A Meteor project, a Galaxy Database MongoDB instance, and your settings.json file
Using Node.js instead? Check the Node.js SSL setup guide. Node.js handles certificates differently.
Setting Up SSL
Download the SSL Certificate
Open the Galaxy dashboard and navigate to your MongoDB cluster's Overview page. You'll find a download link for the SSL certificate there.
Download the certificate file. You'll add it to your Meteor project in the next step.
Add the Certificate to Your Project
Create a private folder in the root of your Meteor project (if you don't already have one). Drop the downloaded certificate file inside it.
For this guide, we'll assume the file is named certificate.pem. Your project structure should look like this:
your-meteor-app/
├── private/
│ ├── certificate.pem
│ └── settings.json (recommended location)
├── client/
├── server/
└── ...Keep Settings Nearby
Storing your settings.json in the private folder alongside your certificate keeps your configuration organized and out of the client bundle.
Configure Your Settings
Open (or create) your settings.json file and add the SSL configuration along with your MongoDB connection string:
{
"packages": {
"mongo": {
"options": {
"tls": true,
"tlsCAFileAsset": "certificate.pem"
}
}
},
"galaxy.meteor.com": {
"env": {
"MONGO_URL": "mongodb://user:password@host1:27017,host2:27017,host3:27017/yourdb?replicaSet=yourReplicaSet&ssl=true&authSource=admin"
}
}
}Two key settings here:
tlsCAFileAsset: Tells Meteor to look for the SSL certificate inside the private folder. You only need the filename, not the full path.
MONGO_URL: Your MongoDB connection string. Make sure it includes ssl=true and authSource=admin as query parameters. You'll find the full connection string on your Galaxy Database cluster's Credentials section.
Deploy Your App
Deploy with the --settings flag pointing to your settings file:
meteor deploy yourapp.meteorapp.com --settings private/settings.jsonThat's it. Meteor reads the certificate from private/, establishes the SSL connection, and your data travels encrypted between your app and MongoDB.
Push to Deploy Configuration
If you're using Push to Deploy instead of the CLI, you'll need to tell Galaxy where your settings file lives.
During the Push to Deploy setup (or in your app's Settings page), look for the Settings File Path field. Enter the relative path to your settings file:
private/settings.jsonGalaxy reads this file from your repository on every deployment. Your SSL certificate (inside the private folder) gets bundled automatically since Meteor includes everything in private/ in the app bundle.
Sensitive Data in Settings
If your settings.json contains secrets (API keys, database passwords), consider using the Meteor Settings JSON field in the Galaxy dashboard instead of committing secrets to your repository. You can split your configuration: keep non-sensitive settings in the file and paste sensitive values directly in the dashboard.
Connection String Parameters
Your MONGO_URL needs specific parameters for SSL to work correctly. Here's what each one does:
| Parameter | Purpose |
|---|---|
ssl=true | Enables SSL/TLS encryption for the connection |
authSource=admin | Tells MongoDB to authenticate against the admin database |
replicaSet=yourReplicaSet | Identifies your replica set (required for Galaxy Database clusters) |
If you're missing authSource=admin, MongoDB tries to authenticate against your app's database and fails. Always include it when connecting to Galaxy Database.
Common Questions
Need a Hand?
If you're having trouble with SSL setup, reach out to Galaxy support. We can verify your certificate configuration and help troubleshoot connection issues.
What's Next?
Connect Your Database with TablePlus
Use TablePlus to visually browse and manage your MongoDB, PostgreSQL, or Redis databases hosted on Galaxy.
MongoDB SSL Certificate Setup (Node.js)
Connect your Node.js app to MongoDB securely using an SSL certificate from Galaxy Database. Works with the native MongoDB driver and Mongoose.