If the upgraded 2.4.0-rc1 is restarted with --sslWeakCetificateValidation then the nodes are able to talk to one another. However --sslWeakCertificateValidation is meant to mean that a cert is not necessary, not that a cert will not be validated.
1$ ./bin/mongod --dbpath ../mongodb-linux-x86_64-subscription-ubuntu1104-2.2.2/data/ --sslOnNormalPorts --sslPEMKeyFile ../gregorFreeBSD.pem --sslCAFile ../cacert.pem --replSet rs1 --smallfiles --sslWeakCertificateValidation
|
rs1:PRIMARY> rs.status()
|
{
|
"set" : "rs1",
|
"date" : ISODate("2013-02-27T12:38:26Z"),
|
"myState" : 1,
|
"members" : [
|
{
|
"_id" : 0,
|
"name" : "ip-10-227-21-162:27017",
|
"health" : 1,
|
"state" : 1,
|
"stateStr" : "PRIMARY",
|
"uptime" : 239,
|
"optime" : Timestamp(1361966564000, 1),
|
"optimeDate" : ISODate("2013-02-27T12:02:44Z"),
|
"self" : true
|
},
|
{
|
"_id" : 1,
|
"name" : "ip-10-48-238-94:27017",
|
"health" : 1,
|
"state" : 2,
|
"stateStr" : "SECONDARY",
|
"uptime" : 6,
|
"optime" : Timestamp(1361966564000, 1),
|
"optimeDate" : ISODate("2013-02-27T12:02:44Z"),
|
"lastHeartbeat" : ISODate("2013-02-27T12:38:26Z"),
|
"pingMs" : 3,
|
"errmsg" : "syncing to: ip-10-227-21-162:27017"
|
},
|
{
|
"_id" : 2,
|
"name" : "ip-10-48-238-94:30000",
|
"health" : 1,
|
"state" : 7,
|
"stateStr" : "ARBITER",
|
"uptime" : 231,
|
"lastHeartbeat" : ISODate("2013-02-27T12:38:25Z"),
|
"pingMs" : 0
|
}
|
],
|
"ok" : 1
|
}
|