Test X.509 authentication with Secure Channel

XMLWordPrintableJSON

    • Type: Task
    • Resolution: Gone away
    • Priority: Minor - P4
    • None
    • Affects Version/s: None
    • Component/s: Testing, tls
    • Not Needed
    • 🔵 Done
    • Hide

      1. What would you like to communicate to the user about this feature?
      2. Would you like the user to see examples of the syntax and/or executable code and its output?
      3. Which versions of the driver/connector does this apply to?

      Show
      1. What would you like to communicate to the user about this feature? 2. Would you like the user to see examples of the syntax and/or executable code and its output? 3. Which versions of the driver/connector does this apply to?
    • None
    • None
    • None
    • None
    • None
    • None

      The certificate that needs to be used for X.509 authentication on ldaptest isn't very well liked by Secure Channel and therefore needs to be regenerated:

      $ ./Debug/mongoc-ping.exe 'mongodb://CN=client,OU=kerneluser,O=10Gen,L=New York City,ST=New York,C=US@ldaptest.10gen.cc/?ssl=true&authMechanism=MONGODB-X509&sslClientCertificateKeyFile=tests/x509gen/legacy-x509.pem&sslCertificateAuthorityFile=tests/x509gen/legacy-ca.crt&sslAllowInvalidHostname=true'
2017/01/30 21:55:14.0990: [  976]:    DEBUG:      cluster: Authentication failed: auth failed
2017/01/30 21:55:14.0984: [  976]:    ERROR: stream-secure-channel: Failed to parse private key. ASN1 bad tag value met. (0x8009310B)
2017/01/30 21:55:14.0987: [  976]:  WARNING: stream-secure-channel: a client certificate has been requested
Ping failure: auth failed

            Assignee:
            Unassigned
            Reporter:
            Hannes Magnusson (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Created:
              Updated:
              Resolved: