[SERVER-34742] Stop running ssl_cert_password.js on OS X - MongoDB Jira

XML

Word

Printable

JSON

Details

Type: Task
Status: Closed
Priority: Major - P3
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 3.4.16, 3.6.5, 4.0.0-rc0
Component/s: Security, Testing Infrastructure
Labels:
None

Backwards Compatibility:
Fully Compatible
Backport Requested:

v3.6, v3.4
Sprint:
TIG 2018-05-07
Linked BF Score:
43

Description

As mentioned in https://github.com/golang/go/issues/8860, golang doesn't support parsing PKCS#8 encrypted private keys despite it being the default format since OpenSSL 1.0.0. The changes from ~~TOOLS-1948~~ have dropped support for using OpenSSL 0.9.x in favor of using golang's crypto/tls package.

Converting jstests/libs/password_protected.pem from a PKCS#8 encrypted private key shouldn't cause a loss in test coverage because the JavaScript tests which use jstests/libs/password_protected.pem care only that a password is required and not what mechanism was used for the encryption. There isn't an encrypted private key format that is supported by the mongo shell, the server, and the mongo tools across all platforms.

Attachments

Issue Links

is related to

TOOLS-1948 Use Go-native TLS dialer on platforms with openssl 0.9.x

Closed

Activity

People

Assignee:: Max Hirschhorn

Reporter:: Max Hirschhorn

Participants:: Githook User, Max Hirschhorn

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: Apr 29 2018 05:43:17 PM UTC

Updated:: Jun 24 2018 08:20:19 PM UTC

Resolved:: Apr 30 2018 10:53:22 PM UTC