Connections and Debugging

Every Compose deployment comes with one or multiple connection strings that connect you and your applications to your databases. These are found on the Overview of the deployment, under Connection Strings. If you are having trouble connecting to your deployment or database, there are a few debugging steps that can help narrow down the problem.

If trying the steps here indicate that there is a connection that is not responding, check the Compose Status Page to check for any known issues with the host you are trying to connect to. Contact support [email protected] or open a ticket, if you see errors or experience other problems with your connections.

Testing via Web Browser

The following deployment types can be tested using a web browser:

Admin UI

  • RabbitMQ - Use the URL in the Admin UI section of the RabbitMQ deployment Overview page. Copy and paste it into a new browser tab. It should prompt you to log-in; you may use a user that you have created to access the page. This indicates that at least the portal that serves the UI is up and running.
  • RethinkDB - Use the URL in the Admin UI section of the RethinkDB deployment Overview page. Copy and paste it into a new browser tab. Since the server uses a self-signed certificate, it will give you a security warning and ask you to log in. You should use the deployment's credentails. Sucessfully accessing the RethinkDB Administration Console indicates that the portal to access your deployment is up and running.

Status Page

  • Elasticsearch - Enter https connection string into a new browser tab, omitting the username, password, and '@' symbol. For example: . It should prompt you to enter a username and password; you may use any user you have created to have access the deployment. Upon successful connection you should see some JSON response data relating to the details of your deployment.
  • MongoDB - Use one of the mongodb:// connection strings with https:// and open it in a new browser tab. For example, Since the server uses a self-signed certificate, it will give you a security warning. Upon successfully connecting you will see text saying: It looks like you are trying to access MongoDB over HTTP on the native driver port.

CLI Testing


Netcat is a utility used for reading from and writing to TCP and UDP connections. It can be used to test connectivity to the server and port provided by your deployment.

In the following example, the -z flag means that we aren't sending any data, just establishing a connection and then closing it.
The -v flag, for verbose mode, pushes slightly more information to stdout.

$ nc -zv 20458
>found 0 associations
>found 1 connections:
>outif en0
>src port 50673
>dst port 20458
>rank info not available
>TCP aux info available
>Connection to port 20458 [tcp/*] succeeded!

If it's able to connect, you should see in the response
Connection to port 20458 [tcp/*] succeeded!
If it's unable to connect you will most likeliy see
nc: connectx to port 23371 (tcp) failed: Operation timed out
nc: connectx to port 23371 (tcp) failed: Connection refused


You can either test your connection by using the telnet command with the sever and port or by opening the telnet client and using commands to connect.

$ telnet 20458
>Connected to
>Escape character is '^]'.
$ ^]
telnet> quit

Once successfully connected, use the esacpe character ^] (it's ctrl + ]) to exit to the telnet client. This will NOT close the connection; type quit in order to exit telnet and close the connection.

Testing SSL/TLS Connections

If you are testing connections that are secured using SSL/TLS, use OpenSSL to connect and view the server's certificate information. In the example, s_client is given two arguments. -connect supplies the hostname and port to connect to, and -servername allows the client to pass the server name indication (SNI) to the server. This will allow the server to give back the correct certificate for your deployment.

$ openssl s_client -connect -servername

depth=1 /C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3
verify error:num=20:unable to get local issuer certificate
verify return:0
Certificate chain
 0 s:/
   i:/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3
 1 s:/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3
   i:/O=Digital Signature Trust Co./CN=DST Root CA X3
Server certificate
issuer=/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3
No client certificate CA names sent
SSL handshake has read 2922 bytes and written 488 bytes
New, TLSv1/SSLv3, Cipher is AES256-SHA
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
    Protocol  : TLSv1
    Cipher    : AES256-SHA
    Session-ID: 27A56A7A962BDE58DA56E476E7BD588ABEE0D1CA943D4C59AFD88E649D338B8B
    Master-Key: 12534F6D75A07742C17E75F3BA541BDD781BC038421E3991C5514883418C7602B264C4D5B0C81A8BEAD7C6A654EA731A
    Key-Arg   : None
    TLS session ticket lifetime hint: 300 (seconds)
    TLS session ticket:
    0000 - 36 9a f3 99 b5 6d 3c 74-de 5b cc 97 d1 57 bf 99   6....m<t.[...W..
    0010 - 63 62 86 03 4b 67 57 c1-85 04 8a ff 1e 81 1a 95   cb..KgW.........
    0020 - a2 da 95 d3 12 b8 b2 9d-76 87 62 c8 8c a0 7b f7   ........v.b...{.
    0030 - a3 f7 be b0 84 ce 1a ec-4c 19 64 48 ed b6 3d 31   ........L.dH..=1
    0040 - 6a ae ed 0c cb ae 04 7b-b0 7c de 61 4c 57 b1 72   j......{.|.aLW.r
    0050 - 14 e3 f2 56 8e ca 66 c8-96 2a 92 0a da 53 ab f7   ...V..f..*...S..
    0060 - 64 1a bc 3f 99 1e e7 34-b6 2e e6 bf 50 bd 33 0a   d..?...4....P.3.
    0070 - e8 64 ae f9 ce ce cd 2e-83 6b 17 49 f3 fb 12 3a   .d.......k.I...:
    0080 - 1a cf e4 a6 10 b4 06 9e-87 80 6f c2 e8 e6 d5 ad   ..........o.....
    0090 - f8 7d 00 ee e3 8f e6 fc-ef f7 a9 bd 05 7a 2f 47   .}...........z/G
    00a0 - 01 a2 fe b3 1c 19 1a 77-f4 cd 22 7f 58 3d 36 c9   .......w..".X=6.
    00b0 - 46 fb 03 ad 6e 9d 63 0d-4a 37 49 4a 51 93 07 a4   F...n.c.J7IJQ...
    00c0 - f6 7b 50 a9 e8 bd f2 86-8c 9d d1 62 b3 ba e7 c5   .{P........b....
    00d0 - ee 89 1d 74 87 1a a0 46-4a 0d 32 7f 6d da f2 92   ...t...FJ.2.m...

    Start Time: 1512059800
    Timeout   : 300 (sec)
    Verify return code: 0 (ok)

If the connection doesn't use SSL/TLS it will simply connect and return no certificate, or encryption information.

$ openssl s_client -connect

If it is unable to make any connection, then you will get a connection error.


If you are able to connect using the above methods, but your application or driver is not able to connect, here are a few things to check:

  1. Make sure that your driver (and driver verison) supports the database version running on the deployment.
  2. If the driver has debugging or verbose modes, turn them on for better visibility
  3. Check out the Compose Grand Tour. It contains connection examples for many languages and database types. (With the goal of covering all of them).

Still Need Help?

If this article didn't solve things, summon a human and get some help!