  1. MongoDB Database Tools
  2. TOOLS-662

Unable to mongorestore with x509 authentication (2.6.8)

    • Type: Bug
    • Resolution: Done
    • Priority: Major - P3
    • Affects Version/s: Legacy C++ Implementation
    • Component/s: mongorestore
    • Labels:
      None
    • Environment:
      General CentOS 6

      While trying to move data from a user/password authentication replicaSet to an x509 authenticated replicaSet with a user with the "restore" role, I'm getting an authorization error. The dump was generated with mongodump. Both the drop and create index commands are failing (but the user DOES have the restore role). What is concerning here is the lack of an authenticate() command in the logs for the mongorestore (like we see from the x509 auth'd RS members).

      [netkiadmin@mongo01 dump]$ mongorestore -h dbhost.example.com --ssl --sslPEMKeyFile ~/certs/restore_user_cert.pem --drop -d db_name --authenticationMechanism MONGODB-X509 -vvvv db_dump_directory
      2015-03-16T22:02:49.163+0000 creating new connection to:dbhost.example.com:27017
      2015-03-16T22:02:49.163+0000 [ConnectBG] BackgroundJob starting: ConnectBG
      2015-03-16T22:02:49.164+0000 connected to server dbhost.example.com:27017 (10.0.100.75)
      2015-03-16T22:02:49.169+0000 connected connection!
      connected to: dbhost.example.com
      2015-03-16T22:02:49.170+0000 drillDown: db_name
      2015-03-16T22:02:49.170+0000 drillDown: db_name/partner.bson
      2015-03-16T22:02:49.170+0000 db_name/partner.bson
      2015-03-16T22:02:49.170+0000 going into namespace [db_name.partner]
      2015-03-16T22:02:49.170+0000 dropping
      file size: 1313
      3 objects found
      2015-03-16T22:02:49.171+0000 Creating index: { key: { _id: 1 }, name: "id", ns: "db_name.partner" }
      Error creating index db_name.partner: 13 err: "not authorized to create index on db_name.partner"

      The MongoDB server that I'm trying to restore to is showing only the following (and again not showing an authenticate log message like the cluster members do):

      2015-03-16T22:02:41.223+0000 [initandlisten] connection accepted from 10.0.100.100:54931 #18490 (9 connections now open)
      2015-03-16T22:02:41.230+0000 [conn18490] Unauthorized not authorized on db_name to execute command { drop: "partner" }
      2015-03-16T22:02:41.233+0000 [conn18490] end connection 10.0.100.100:54931 (8 connections now open)

            Assignee:
            kyle.erf Kyle Erf
            Reporter:
            techguy613 Matt David
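
The symptom in the report, a connection refused a command with no authenticate line logged for it, can be checked mechanically by grouping server log events per connection id. This is an added example, not part of the original report or of MongoDB's code; it uses the server log lines from the report plus one constructed connection (conn18491), and the wording of that connection's authenticate line is an assumption.

```python
import re

# Server log lines from the report above (conn18490), plus one CONSTRUCTED
# connection (conn18491) that does log an authenticate event. The wording
# of that authenticate line is an assumption, not taken from the page.
SAMPLE_LOG = """\
2015-03-16T22:02:41.223+0000 [initandlisten] connection accepted from 10.0.100.100:54931 #18490 (9 connections now open)
2015-03-16T22:02:41.230+0000 [conn18490] Unauthorized not authorized on db_name to execute command { drop: "partner" }
2015-03-16T22:02:41.233+0000 [conn18490] end connection 10.0.100.100:54931 (8 connections now open)
2015-03-16T22:03:10.001+0000 [initandlisten] connection accepted from 10.0.100.100:54940 #18491 (9 connections now open)
2015-03-16T22:03:10.050+0000 [conn18491] authenticate db: $external { authenticate: 1, mechanism: "MONGODB-X509" }
2015-03-16T22:03:10.090+0000 [conn18491] end connection 10.0.100.100:54940 (8 connections now open)
"""

ACCEPT = re.compile(r"connection accepted from (\S+) #(\d+)")
CONN = re.compile(r"\[conn(\d+)\] (.*)")


def summarize(log_text):
    """Group events per connection id: peer, auth line seen, denied commands."""
    conns = {}
    for line in log_text.splitlines():
        m = ACCEPT.search(line)
        if m:
            conns[m.group(2)] = {"peer": m.group(1), "auth_seen": False, "denied": []}
            continue
        m = CONN.search(line)
        if not m:
            continue
        info = conns.setdefault(m.group(1), {"peer": None, "auth_seen": False, "denied": []})
        msg = m.group(2)
        if msg.startswith("authenticate"):  # assumed marker of an auth attempt
            info["auth_seen"] = True
        elif msg.startswith("Unauthorized"):
            info["denied"].append(msg)
    return conns


def unauthenticated_denials(log_text):
    """Connection ids refused a command without any authenticate line."""
    return [cid for cid, c in summarize(log_text).items()
            if c["denied"] and not c["auth_seen"]]


if __name__ == "__main__":
    for cid in unauthenticated_denials(SAMPLE_LOG):
        c = summarize(SAMPLE_LOG)[cid]
        print("conn%s from %s: %d denied, no authenticate line" % (cid, c["peer"], len(c["denied"])))
```

A connection flagged here never attempted authentication at all, which is a different condition from a user that authenticated but lacks the needed role.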