xuemingqiang/mongo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
8d9503600aeb49dc91cb1472b469bb9efbbacdf4
mongo/jstests/ssl/multi-ca.js
Zac 591928c619 SERVER-108478 JS formatted by prettier and remove clang-format (#39656) 
GitOrigin-RevId: 6c8f6aded47f260aa4f7c231b17dae3302cb1e04
2025-08-21 17:27:09 +00:00

41 lines
1.1 KiB
JavaScript
Raw Blame History

// Test that servers can use multiple root CAs.
// "root-and-trusted-ca.pem" contains the combined ca.pem and trusted-ca.pem certs.
// This *should* permit client.pem or trusted-client.pem to connect equally.
const CA_CERT = "jstests/ssl/x509/root-and-trusted-ca.pem";
const SERVER_CERT = "jstests/libs/server.pem";
const CLIENT_CA_CERT = "jstests/libs/ca.pem";
const CLIENT_CERT = "jstests/libs/client.pem";
const TRUSTED_CLIENT_CERT = "jstests/libs/trusted-client.pem";
const mongod = MongoRunner.runMongod({
tlsMode: "requireTLS",
tlsCertificateKeyFile: SERVER_CERT,
tlsCAFile: CA_CERT,
});
function testConnect(cert) {
const mongo = runMongoProgram(
"mongo",
"--host",
"localhost",
"--port",
mongod.port,
"--tls",
"--tlsCAFile",
CLIENT_CA_CERT,
"--tlsCertificateKeyFile",
cert,
"--eval",
";",
);
assert.eq(0, mongo, "Connection attempt failed using " + cert);
}
testConnect(CLIENT_CERT);
testConnect(TRUSTED_CLIENT_CERT);
MongoRunner.stopMongod(mongod);
Reference in New Issue View Git Blame Copy Permalink