Options
All
  • Public
  • Public/Protected
  • All
Menu

Interface TopologyOptions

Hierarchy

Index

Properties

ALPNProtocols?: string[] | Uint8Array | Uint8Array[]

An array of strings or a Buffer naming possible ALPN protocols. (Protocols should be ordered by their priority.)

autoEncrypter?: AutoEncrypter
bsonRegExp?: boolean

return BSON regular expressions as BSONRegExp instances.

ca?: string | Buffer | (string | Buffer)[]

Optionally override the trusted CA certificates. Default is to trust the well-known CAs curated by Mozilla. Mozilla's CAs are completely replaced when CAs are explicitly specified using this option.

cancellationToken?: CancellationToken
cert?: string | Buffer | (string | Buffer)[]

Cert chains in PEM format. One cert chain should be provided per private key. Each cert chain should consist of the PEM formatted certificate for a provided private key, followed by the PEM formatted intermediate certificates (if any), in order, and not including the root CA (the root CA must be pre-known to the peer, see ca). When providing multiple cert chains, they do not have to be in the same order as their private keys in key. If the intermediate certificates are not provided, the peer will not be able to validate the certificate, and the handshake will fail.

checkKeys?: boolean

the serializer will check if keys are valid.

checkServerIdentity?: (hostname: string, cert: PeerCertificate) => Error | undefined

Type declaration

    • (hostname: string, cert: PeerCertificate): Error | undefined
    • Verifies the certificate cert is issued to hostname.

      Returns Error object, populating it with reason, host, and cert on failure. On success, returns undefined.

      This function is intended to be used in combination with thecheckServerIdentity option that can be passed to connect and as such operates on a certificate object. For other purposes, consider using x509.checkHost() instead.

      This function can be overwritten by providing an alternative function as theoptions.checkServerIdentity option that is passed to tls.connect(). The overwriting function can call tls.checkServerIdentity() of course, to augment the checks done with additional verification.

      This function is only called if the certificate passed all other checks, such as being issued by trusted CA (options.ca).

      Earlier versions of Node.js incorrectly accepted certificates for a givenhostname if a matching uniformResourceIdentifier subject alternative name was present (see CVE-2021-44531). Applications that wish to acceptuniformResourceIdentifier subject alternative names can use a customoptions.checkServerIdentity function that implements the desired behavior.

      since

      v0.8.4

      Parameters

      • hostname: string

        The host name or IP address to verify the certificate against.

      • cert: PeerCertificate

        A certificate object representing the peer's certificate.

      Returns Error | undefined

ciphers?: string

Cipher suite specification, replacing the default. For more information, see modifying the default cipher suite. Permitted ciphers can be obtained via tls.getCiphers(). Cipher names must be uppercased in order for OpenSSL to accept them.

compressors?: ("none" | "snappy" | "zlib" | "zstd")[]
connectTimeoutMS: number
credentials?: MongoCredentials
crl?: string | Buffer | (string | Buffer)[]

PEM formatted CRLs (Certificate Revocation Lists).

directConnection: boolean

Indicates that a client should directly connect to a node without attempting to discover its topology type

ecdhCurve?: string

A string describing a named curve or a colon separated list of curve NIDs or names, for example P-521:P-384:P-256, to use for ECDH key agreement. Set to auto to select the curve automatically. Use crypto.getCurves() to obtain a list of available curve names. On recent releases, openssl ecparam -list_curves will also display the name and description of each available elliptic curve. Default: tls.DEFAULT_ECDH_CURVE.

enableUtf8Validation?: boolean

Enable utf8 validation when deserializing BSON documents. Defaults to true.

family?: number
fieldsAsRaw?: Document

allow to specify if there what fields we wish to return as unserialized raw buffer.

heartbeatFrequencyMS: number
hints?: number
hosts: HostAddress[]
ignoreUndefined?: boolean

serialize will not emit undefined fields (default:true)

keepAlive?: boolean
keepAliveInitialDelay?: number
key?: string | Buffer | (string | Buffer | KeyObject)[]

Private keys in PEM format. PEM allows the option of private keys being encrypted. Encrypted keys will be decrypted with options.passphrase. Multiple keys using different algorithms can be provided either as an array of unencrypted key strings or buffers, or an array of objects in the form {pem: <string|buffer>[, passphrase: ]}. The object form can only occur in an array. object.passphrase is optional. Encrypted keys will be decrypted with object.passphrase if provided, or options.passphrase if it is not.

loadBalanced: boolean
localAddress?: string
localPort?: number
logicalSessionTimeoutMinutes?: number
lookup?: LookupFunction
maxConnecting: number

The maximum number of connections that may be in the process of being established concurrently by the connection pool.

maxIdleTimeMS: number

The maximum amount of time a connection should remain idle in the connection pool before being marked idle.

maxPoolSize: number

The maximum number of connections that may be associated with a pool at a given time. This includes in use and available connections.

metadata: ClientMetadata
minDHSize?: number
minHeartbeatFrequencyMS: number
minPoolSize: number

The minimum number of connections that MUST exist at any moment in a single connection pool.

monitorCommands: boolean
noDelay?: boolean
passphrase?: string

Shared passphrase used for a single private key and/or a PFX.

pfx?: string | Buffer | (string | Buffer | PxfObject)[]

PFX or PKCS12 encoded private key and certificate chain. pfx is an alternative to providing key and cert individually. PFX is usually encrypted, if it is, passphrase will be used to decrypt it. Multiple PFX can be provided either as an array of unencrypted PFX buffers, or an array of objects in the form {buf: <string|buffer>[, passphrase: ]}. The object form can only occur in an array. object.passphrase is optional. Encrypted PFX will be decrypted with object.passphrase if provided, or options.passphrase if it is not.

promoteBuffers?: boolean

when deserializing a Binary will return it as a node.js Buffer instance.

promoteLongs?: boolean

when deserializing a Long will fit it into a Number if it's smaller than 53 bits

promoteValues?: boolean

when deserializing will promote BSON values to their Node.js closest equivalent types.

proxyHost?: string
proxyPassword?: string
proxyPort?: number
proxyUsername?: string
raw?: boolean

Enabling the raw option will return a Node.js Buffer which is allocated using allocUnsafe API. See this section from the Node.js Docs here for more detail about what "unsafe" refers to in this context. If you need to maintain your own editable clone of the bytes returned for an extended life time of the process, it is recommended you allocate your own buffer and clone the contents:

example
const raw = await collection.findOne({}, { raw: true });
const myBuffer = Buffer.alloc(raw.byteLength);
myBuffer.set(raw, 0);
// Only save and use `myBuffer` beyond this point
remarks

Please note there is a known limitation where this option cannot be used at the MongoClient level (see NODE-3946). It does correctly work at Db, Collection, and per operation the same as other BSON options work.

rejectUnauthorized?: boolean

If true the server will reject any connection which is not authorized with the list of supplied CAs. This option only has an effect if requestCert is true.

default

true

replicaSet?: string

The name of the replica set to connect to

retryReads: boolean
retryWrites: boolean
secureContext?: SecureContext

An optional TLS context object from tls.createSecureContext()

secureProtocol?: string

Legacy mechanism to select the TLS protocol version to use, it does not support independent control of the minimum and maximum version, and does not support limiting the protocol to TLSv1.3. Use minVersion and maxVersion instead. The possible values are listed as SSL_METHODS, use the function names as strings. For example, use 'TLSv1_1_method' to force TLS version 1.1, or 'TLS_method' to allow any TLS protocol version up to TLSv1.3. It is not recommended to use TLS versions less than 1.2, but it may be required for interoperability. Default: none, see minVersion.

serializeFunctions?: boolean

serialize the javascript functions (default:false).

serverApi?: ServerApi

MongoDB server API version

serverSelectionTimeoutMS: number

How long to block for server selection before throwing an error

servername?: string
session?: Buffer
socketTimeoutMS?: number
srvHost?: string
srvMaxHosts: number
srvServiceName: string
tls: boolean
waitQueueTimeoutMS: number

The maximum amount of time operation execution should wait for a connection to become available. The default is 0 which means there is no limit.

Generated using TypeDoc