Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-13014

CRL in jstest suite is expired

    XMLWordPrintableJSON

Details

    • Fully Compatible
    • ALL

    Description

      The "crl_client_revoked.pem" file, which is the CRL we are using to test a revoked certificate is expired. This means the test was passing not because the certificate was successfully revoked, but because only the failure case was tested and the CRL was expired.

      Adding the following to the end of https://github.com/mongodb/mongo/blob/r2.6.0-rc0/jstests/ssl/ssl_crl_revoked.js causes the test to fail:

      mongo = runMongoProgram("mongo", "--port", port, "--ssl",
                              "--sslPEMKeyFile", "jstests/libs/client.pem",
                              "--eval", ";");
       
      // 0 is the exit code for the shell connecting successfully
      assert(mongo==0);

      Attachments

        Activity

          People

            Unassigned Unassigned
            sverch Shaun Verch
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: