SERVER-35541 Support PKCS#8 PrivateKeyInfo in SChannel Provider

1 files changed, 36 insertions, 0 deletions

diff --git a/jstests/ssl/ssl_private_key.js b/jstests/ssl/ssl_private_key.js
new file mode 100644
index 00000000000..5317d6c86fa
--- /dev/null
+++ b/jstests/ssl/ssl_private_key.js
@@ -0,0 +1,36 @@
+// Test that clients support "BEGIN PRIVATE KEY" pems with RSA keys
+load('jstests/ssl/libs/ssl_helpers.js');
+
+(function() {
+    "use strict";
+
+    const SERVER_CERT = "jstests/libs/server.pem";
+    const CA_CERT = "jstests/libs/ca.pem";
+    const CLIENT_CERT = "jstests/libs/client_privatekey.pem";
+
+    function authAndTest(port) {
+        const mongo = runMongoProgram("mongo",
+                                      "--host",
+                                      "localhost",
+                                      "--port",
+                                      port,
+                                      "--ssl",
+                                      "--sslCAFile",
+                                      CA_CERT,
+                                      "--sslPEMKeyFile",
+                                      CLIENT_CERT,
+                                      "--eval",
+                                      "1");
+
+        // runMongoProgram returns 0 on success
+        assert.eq(0, mongo, "Connection attempt failed");
+    }
+
+    const x509_options = {sslMode: "requireSSL", sslPEMKeyFile: SERVER_CERT, sslCAFile: CA_CERT};
+
+    let mongo = MongoRunner.runMongod(Object.merge(x509_options, {auth: ""}));
+
+    authAndTest(mongo.port);
+
+    MongoRunner.stopMongod(mongo);
+}());