blob: cfe5d03d2859ef61d97499d814b52f47492f0fc8 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
|
// Test a revoked CRL -- ensure that a connection is not allowed.
// Note: crl_client_revoked.pem is a CRL with the client.pem certificate listed as revoked.
// This test should test that the user cannot connect with client.pem certificate.
var md = MongoRunner.runMongod({
sslMode: "requireSSL",
sslPEMKeyFile: "jstests/libs/server.pem",
sslCAFile: "jstests/libs/ca.pem",
sslCRLFile: "jstests/libs/crl_client_revoked.pem"
});
var mongo = runMongoProgram("mongo",
"--port",
md.port,
"--ssl",
"--sslAllowInvalidCertificates",
"--sslPEMKeyFile",
"jstests/libs/client_revoked.pem",
"--eval",
";");
// 1 is the exit code for the shell failing to connect, which is what we want
// for a successful test.
assert(mongo == 1);
|