Adding a new node to a x509 authenticated replica set cluster that does not have valid authentication credentials will still add that node to the replica set configuration, even though that new node cannot communicate with the rest of the set.

The reason behind this behavior is that the return value of the auth call is not checked in the replset health poll. The polling thread will continue to try to poll regardless of the failed auth. If the servers are on the same host and localhost exception is enabled the poll will succeed.

The fix should consist in checking the return value of the auth call and consider the poll failed if auth fails.

Related to: SERVER-11065