mongodb/mongo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
master
mongo/jstests/ssl/ssl_withhold_client_cert.js
Gabriel Marks 77d90a66d3 SERVER-99750 Use generated certificates in jstests (#46650) 
GitOrigin-RevId: 303ffa3be9ec56f70a9ff9e38d4430fd0c927599
2026-01-28 18:44:45 +00:00

55 lines
1.3 KiB
JavaScript
Raw Permalink Blame History

// Test setParameter tlsWithholdClientCertificate
import {ReplSetTest} from "jstests/libs/replsettest.js";
function testRS(opts, expectWarning) {
const rsOpts = {
nodes: {node0: opts, node1: opts},
};
const rs = new ReplSetTest(rsOpts);
rs.startSet();
rs.initiate();
rs.awaitReplication();
const test = rs.getPrimary().getDB("test");
test.foo.insert({bar: "baz"});
rs.awaitReplication();
function checkWarning(member) {
const observed = /[N,n]o SSL certificate provided by peer/.test(cat(member.fullOptions.logFile));
assert.eq(observed, expectWarning);
}
checkWarning(rs.getPrimary());
checkWarning(rs.getSecondary());
rs.stopSet();
}
const base_options = {
tlsMode: "requireTLS",
tlsCertificateKeyFile: getX509Path("server.pem"),
tlsCAFile: getX509Path("ca.pem"),
tlsAllowInvalidHostnames: "",
useLogFiles: true,
};
testRS(base_options, false);
const test_options = Object.extend(
{
tlsAllowConnectionsWithoutCertificates: "",
setParameter: "tlsWithholdClientCertificate=true",
},
base_options,
);
testRS(test_options, true);
const depr_options = Object.extend(
{
tlsAllowConnectionsWithoutCertificates: "",
setParameter: "tlsWithholdClientCertificate=true",
},
base_options,
);
testRS(depr_options, true);
Reference in New Issue View Git Blame Copy Permalink