jstests/ssl/ssl_private_key.js


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40

// Test that clients support "BEGIN PRIVATE KEY" pems with RSA keys
load('jstests/ssl/libs/ssl_helpers.js');

(function() {
"use strict";

const SERVER_CERT = "jstests/libs/server.pem";
const CA_CERT = "jstests/libs/ca.pem";
const CLIENT_CERT = "jstests/libs/client_privatekey.pem";

function authAndTest(port) {
    const mongo = runMongoProgram("mongo",
                                  "--host",
                                  "localhost",
                                  "--port",
                                  port,
                                  "--ssl",
                                  "--sslCAFile",
                                  CA_CERT,
                                  "--sslPEMKeyFile",
                                  CLIENT_CERT,
                                  "--eval",
                                  "1");

    // runMongoProgram returns 0 on success
    assert.eq(0, mongo, "Connection attempt failed");
}

const x509_options = {
    sslMode: "requireSSL",
    sslPEMKeyFile: SERVER_CERT,
    sslCAFile: CA_CERT
};

let mongo = MongoRunner.runMongod(Object.merge(x509_options, {auth: ""}));

authAndTest(mongo.port);

MongoRunner.stopMongod(mongo);
}());