diff options
Diffstat (limited to 'jstests/ssl')
-rw-r--r-- | jstests/ssl/initial_sync1_x509.js | 5 | ||||
-rw-r--r-- | jstests/ssl/replset1.js | 4 | ||||
-rw-r--r-- | jstests/ssl/sharding_with_x509.js | 2 | ||||
-rw-r--r-- | jstests/ssl/ssl_cert_password.js | 2 | ||||
-rw-r--r-- | jstests/ssl/ssl_crl.js | 6 | ||||
-rw-r--r-- | jstests/ssl/ssl_crl_revoked.js | 3 | ||||
-rw-r--r-- | jstests/ssl/ssl_weak.js | 6 |
7 files changed, 15 insertions, 13 deletions
diff --git a/jstests/ssl/initial_sync1_x509.js b/jstests/ssl/initial_sync1_x509.js index 7206e98402c..e3a519346c2 100644 --- a/jstests/ssl/initial_sync1_x509.js +++ b/jstests/ssl/initial_sync1_x509.js @@ -2,10 +2,7 @@ // This test is launching replsets/initial_sync1.js with different // values for clusterAuthMode to emulate an upgrade process. -var common_options = {sslOnNormalPorts : "", - sslPEMKeyFile : "jstests/libs/server.pem", - sslCAFile: "jstests/libs/ca.pem", - keyFile : "jstests/libs/key1"}; +var common_options = {keyFile : "jstests/libs/key1"}; // Standard case, clusterAuthMode: x509 x509_options1 = Object.merge(common_options, diff --git a/jstests/ssl/replset1.js b/jstests/ssl/replset1.js index 6a1d2cba248..8462cc9fa2b 100644 --- a/jstests/ssl/replset1.js +++ b/jstests/ssl/replset1.js @@ -1,5 +1,5 @@ -ssl_options = {sslOnNormalPorts : "", +ssl_options = {sslMode : "sslOnly", sslPEMKeyFile : "jstests/libs/server.pem", sslCAFile: "jstests/libs/ca.pem"}; -load("jstests/replsets/replset1.js");
\ No newline at end of file +load("jstests/replsets/replset1.js"); diff --git a/jstests/ssl/sharding_with_x509.js b/jstests/ssl/sharding_with_x509.js index 6daf9e23675..37741513dbf 100644 --- a/jstests/ssl/sharding_with_x509.js +++ b/jstests/ssl/sharding_with_x509.js @@ -1,7 +1,7 @@ // Tests basic sharding with x509 cluster auth // The purpose is to verify the connectivity between mongos and the shards -var x509_options = {sslOnNormalPorts : "", +var x509_options = {sslMode : "sslOnly", sslPEMKeyFile : "jstests/libs/server.pem", sslCAFile: "jstests/libs/ca.pem", sslClusterFile: "jstests/libs/cluster-cert.pem", diff --git a/jstests/ssl/ssl_cert_password.js b/jstests/ssl/ssl_cert_password.js index d7734148aa8..1daccce7f74 100644 --- a/jstests/ssl/ssl_cert_password.js +++ b/jstests/ssl/ssl_cert_password.js @@ -11,7 +11,7 @@ resetDbpath(dbpath); md = startMongod("--nopreallocj", "--port", port, "--dbpath", dbpath, - "--sslOnNormalPorts", + "--sslMode","sslOnly", "--sslPEMKeyFile", "jstests/libs/password_protected.pem", "--sslPEMKeyPassword", "qwerty"); // startMongod connects a Mongo shell, so if we get here, the test is successful. diff --git a/jstests/ssl/ssl_crl.js b/jstests/ssl/ssl_crl.js index d2a96e31328..a536aba818f 100644 --- a/jstests/ssl/ssl_crl.js +++ b/jstests/ssl/ssl_crl.js @@ -11,7 +11,8 @@ var baseName = "jstests_ssl_ssl_crl"; var md = startMongod("--port", port1, "--dbpath", - "/data/db/" + baseName + "1", "--sslOnNormalPorts", + "/data/db/" + baseName + "1", + "--sslMode", "sslOnly", "--sslPEMKeyFile", "jstests/libs/server.pem", "--sslCAFile", "jstests/libs/ca.pem", "--sslCRLFile", "jstests/libs/crl.pem"); @@ -26,7 +27,8 @@ assert(mongo==0); port2 = ports[1]; // This test ensures clients cannot connect if the CRL is expired. -md = startMongod("--port", port2, "--dbpath", "/data/db/" + baseName + "2", "--sslOnNormalPorts", +md = startMongod("--port", port2, "--dbpath", "/data/db/" + baseName + "2", + "--sslMode", "sslOnly", "--sslPEMKeyFile", "jstests/libs/server.pem", "--sslCAFile", "jstests/libs/ca.pem", "--sslCRLFile", "jstests/libs/crl_expired.pem"); diff --git a/jstests/ssl/ssl_crl_revoked.js b/jstests/ssl/ssl_crl_revoked.js index 61c9e30dbe7..5c8c448c5a2 100644 --- a/jstests/ssl/ssl_crl_revoked.js +++ b/jstests/ssl/ssl_crl_revoked.js @@ -6,7 +6,8 @@ port = allocatePorts( 1 )[ 0 ]; var baseName = "jstests_ssl_ssl_crl_revoked"; -var md = startMongod( "--port", port, "--dbpath", "/data/db/" + baseName, "--sslOnNormalPorts", +var md = startMongod( "--port", port, "--dbpath", "/data/db/" + baseName, + "--sslMode","sslOnly", "--sslPEMKeyFile", "jstests/libs/server.pem", "--sslCAFile", "jstests/libs/ca.pem", "--sslCRLFile", "jstests/libs/crl_client_revoked.pem"); diff --git a/jstests/ssl/ssl_weak.js b/jstests/ssl/ssl_weak.js index 74dfb4e1031..26fb762958c 100644 --- a/jstests/ssl/ssl_weak.js +++ b/jstests/ssl/ssl_weak.js @@ -8,7 +8,8 @@ var baseName = "jstests_ssl_ssl_weak"; // Test that connecting with no client certificate and --sslWeakCertificateValidation connects // successfully. -var md = startMongod( "--port", ports[0], "--dbpath", "/data/db/" + baseName + "1", "--sslOnNormalPorts", +var md = startMongod( "--port", ports[0], "--dbpath", "/data/db/" + baseName + "1", + "--sslMode", "sslOnly", "--sslPEMKeyFile", "jstests/libs/server.pem", "--sslCAFile", "jstests/libs/ca.pem", "--sslWeakCertificateValidation"); @@ -31,7 +32,8 @@ assert(mongo==0); // Test that connecting with no client certificate and no --sslWeakCertificateValidation fails to // connect. -var md2 = startMongod( "--port", ports[1], "--dbpath", "/data/db/" + baseName + "2", "--sslOnNormalPorts", +var md2 = startMongod( "--port", ports[1], "--dbpath", "/data/db/" + baseName + "2", + "--sslMode", "sslOnly", "--sslPEMKeyFile", "jstests/libs/server.pem", "--sslCAFile", "jstests/libs/ca.pem"); |