2014-07-28 15:22:08 -04:00
|
|
|
// Test SSL Certificate Expiration Monitoring
|
|
|
|
|
// This tests that a mongod with --sslMode requireSSL will not start with an
|
|
|
|
|
// X.509 certificate that is not yet valid or has expired.
|
|
|
|
|
|
|
|
|
|
// This test ensures that a mongod will not start with a certificate that is
|
|
|
|
|
// not yet valid. Tested certificate will become valid 06-17-2020.
|
2015-03-22 12:08:42 -04:00
|
|
|
var md = MongoRunner.runMongod({sslMode: "requireSSL",
|
|
|
|
|
sslPEMKeyFile: "jstests/libs/not_yet_valid.pem",
|
|
|
|
|
sslCAFile: "jstests/libs/ca.pem"});
|
2014-07-28 15:22:08 -04:00
|
|
|
|
|
|
|
|
assert.eq(null, md, "Possible to start mongod with not yet valid certificate.");
|
|
|
|
|
|
|
|
|
|
// This test ensures that a mongod with SSL will not start with an expired certificate.
|
2015-03-22 12:08:42 -04:00
|
|
|
md = MongoRunner.runMongod({sslMode: "requireSSL",
|
|
|
|
|
sslPEMKeyFile: "jstests/libs/expired.pem",
|
|
|
|
|
sslCAFile: "jstests/libs/ca.pem"});
|
2014-07-28 15:22:08 -04:00
|
|
|
|
|
|
|
|
assert.eq(null, md, "Possible to start mongod with expired certificate");
|
