summaryrefslogtreecommitdiff
path: root/jstests/ssl
diff options
context:
space:
mode:
Diffstat (limited to 'jstests/ssl')
-rw-r--r--jstests/ssl/initial_sync1_x509.js5
-rw-r--r--jstests/ssl/replset1.js4
-rw-r--r--jstests/ssl/sharding_with_x509.js2
-rw-r--r--jstests/ssl/ssl_cert_password.js2
-rw-r--r--jstests/ssl/ssl_crl.js6
-rw-r--r--jstests/ssl/ssl_crl_revoked.js3
-rw-r--r--jstests/ssl/ssl_weak.js6
7 files changed, 15 insertions, 13 deletions
diff --git a/jstests/ssl/initial_sync1_x509.js b/jstests/ssl/initial_sync1_x509.js
index 7206e98402c..e3a519346c2 100644
--- a/jstests/ssl/initial_sync1_x509.js
+++ b/jstests/ssl/initial_sync1_x509.js
@@ -2,10 +2,7 @@
// This test is launching replsets/initial_sync1.js with different
// values for clusterAuthMode to emulate an upgrade process.
-var common_options = {sslOnNormalPorts : "",
- sslPEMKeyFile : "jstests/libs/server.pem",
- sslCAFile: "jstests/libs/ca.pem",
- keyFile : "jstests/libs/key1"};
+var common_options = {keyFile : "jstests/libs/key1"};
// Standard case, clusterAuthMode: x509
x509_options1 = Object.merge(common_options,
diff --git a/jstests/ssl/replset1.js b/jstests/ssl/replset1.js
index 6a1d2cba248..8462cc9fa2b 100644
--- a/jstests/ssl/replset1.js
+++ b/jstests/ssl/replset1.js
@@ -1,5 +1,5 @@
-ssl_options = {sslOnNormalPorts : "",
+ssl_options = {sslMode : "sslOnly",
sslPEMKeyFile : "jstests/libs/server.pem",
sslCAFile: "jstests/libs/ca.pem"};
-load("jstests/replsets/replset1.js"); \ No newline at end of file
+load("jstests/replsets/replset1.js");
diff --git a/jstests/ssl/sharding_with_x509.js b/jstests/ssl/sharding_with_x509.js
index 6daf9e23675..37741513dbf 100644
--- a/jstests/ssl/sharding_with_x509.js
+++ b/jstests/ssl/sharding_with_x509.js
@@ -1,7 +1,7 @@
// Tests basic sharding with x509 cluster auth
// The purpose is to verify the connectivity between mongos and the shards
-var x509_options = {sslOnNormalPorts : "",
+var x509_options = {sslMode : "sslOnly",
sslPEMKeyFile : "jstests/libs/server.pem",
sslCAFile: "jstests/libs/ca.pem",
sslClusterFile: "jstests/libs/cluster-cert.pem",
diff --git a/jstests/ssl/ssl_cert_password.js b/jstests/ssl/ssl_cert_password.js
index d7734148aa8..1daccce7f74 100644
--- a/jstests/ssl/ssl_cert_password.js
+++ b/jstests/ssl/ssl_cert_password.js
@@ -11,7 +11,7 @@ resetDbpath(dbpath);
md = startMongod("--nopreallocj",
"--port", port,
"--dbpath", dbpath,
- "--sslOnNormalPorts",
+ "--sslMode","sslOnly",
"--sslPEMKeyFile", "jstests/libs/password_protected.pem",
"--sslPEMKeyPassword", "qwerty");
// startMongod connects a Mongo shell, so if we get here, the test is successful.
diff --git a/jstests/ssl/ssl_crl.js b/jstests/ssl/ssl_crl.js
index d2a96e31328..a536aba818f 100644
--- a/jstests/ssl/ssl_crl.js
+++ b/jstests/ssl/ssl_crl.js
@@ -11,7 +11,8 @@ var baseName = "jstests_ssl_ssl_crl";
var md = startMongod("--port", port1, "--dbpath",
- "/data/db/" + baseName + "1", "--sslOnNormalPorts",
+ "/data/db/" + baseName + "1",
+ "--sslMode", "sslOnly",
"--sslPEMKeyFile", "jstests/libs/server.pem",
"--sslCAFile", "jstests/libs/ca.pem",
"--sslCRLFile", "jstests/libs/crl.pem");
@@ -26,7 +27,8 @@ assert(mongo==0);
port2 = ports[1];
// This test ensures clients cannot connect if the CRL is expired.
-md = startMongod("--port", port2, "--dbpath", "/data/db/" + baseName + "2", "--sslOnNormalPorts",
+md = startMongod("--port", port2, "--dbpath", "/data/db/" + baseName + "2",
+ "--sslMode", "sslOnly",
"--sslPEMKeyFile", "jstests/libs/server.pem",
"--sslCAFile", "jstests/libs/ca.pem",
"--sslCRLFile", "jstests/libs/crl_expired.pem");
diff --git a/jstests/ssl/ssl_crl_revoked.js b/jstests/ssl/ssl_crl_revoked.js
index 61c9e30dbe7..5c8c448c5a2 100644
--- a/jstests/ssl/ssl_crl_revoked.js
+++ b/jstests/ssl/ssl_crl_revoked.js
@@ -6,7 +6,8 @@ port = allocatePorts( 1 )[ 0 ];
var baseName = "jstests_ssl_ssl_crl_revoked";
-var md = startMongod( "--port", port, "--dbpath", "/data/db/" + baseName, "--sslOnNormalPorts",
+var md = startMongod( "--port", port, "--dbpath", "/data/db/" + baseName,
+ "--sslMode","sslOnly",
"--sslPEMKeyFile", "jstests/libs/server.pem",
"--sslCAFile", "jstests/libs/ca.pem",
"--sslCRLFile", "jstests/libs/crl_client_revoked.pem");
diff --git a/jstests/ssl/ssl_weak.js b/jstests/ssl/ssl_weak.js
index 74dfb4e1031..26fb762958c 100644
--- a/jstests/ssl/ssl_weak.js
+++ b/jstests/ssl/ssl_weak.js
@@ -8,7 +8,8 @@ var baseName = "jstests_ssl_ssl_weak";
// Test that connecting with no client certificate and --sslWeakCertificateValidation connects
// successfully.
-var md = startMongod( "--port", ports[0], "--dbpath", "/data/db/" + baseName + "1", "--sslOnNormalPorts",
+var md = startMongod( "--port", ports[0], "--dbpath", "/data/db/" + baseName + "1",
+ "--sslMode", "sslOnly",
"--sslPEMKeyFile", "jstests/libs/server.pem",
"--sslCAFile", "jstests/libs/ca.pem",
"--sslWeakCertificateValidation");
@@ -31,7 +32,8 @@ assert(mongo==0);
// Test that connecting with no client certificate and no --sslWeakCertificateValidation fails to
// connect.
-var md2 = startMongod( "--port", ports[1], "--dbpath", "/data/db/" + baseName + "2", "--sslOnNormalPorts",
+var md2 = startMongod( "--port", ports[1], "--dbpath", "/data/db/" + baseName + "2",
+ "--sslMode", "sslOnly",
"--sslPEMKeyFile", "jstests/libs/server.pem",
"--sslCAFile", "jstests/libs/ca.pem");
View Lorry Controller Status