-
Notifications
You must be signed in to change notification settings - Fork 58
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat(cli-repl): add tlsCertificateSelector support on Win32 MONGOSH-573 #717
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This should be ready for review -- I've manually verified that this works with actual certificate/private key combinations from the Windows CA store.
@@ -181,7 +186,8 @@ describe('e2e TLS', () => { | |||
); | |||
const certUser = 'emailAddress=tester@example.com,CN=Wonderwoman,OU=DevTools Testers,O=MongoDB'; | |||
|
|||
it('can connect with cert to create user', async() => { | |||
before(async() => { | |||
/* connect with cert to create user */ |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
... took me half an hour to figure out why the server couldn't find the user :)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Sorrrryyy :D
…r support on Win32 MONGOSH-573
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Awesome :) I just think we should update the usage / help output and the README to document our newly supported flag :D
@@ -181,7 +186,8 @@ describe('e2e TLS', () => { | |||
); | |||
const certUser = 'emailAddress=tester@example.com,CN=Wonderwoman,OU=DevTools Testers,O=MongoDB'; | |||
|
|||
it('can connect with cert to create user', async() => { | |||
before(async() => { | |||
/* connect with cert to create user */ |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Sorrrryyy :D
@@ -106,9 +106,7 @@ const DEPRECATED_ARGS_WITH_REPLACEMENT: Record<string, string> = { | |||
const UNSUPPORTED_ARGS: Readonly<string[]> = [ | |||
'eval', | |||
'sslFIPSMode', | |||
'tlsFIPSMode', | |||
'sslCertificateSelector', |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We should probably update the help text of the CLI to include the flags and also add a comment in there to say that it's currently only supported on Windows.
…Selector support on Win32 MONGOSH-573
@rose-m I’ve updated the README/help output, but the flag was already documented – it should not have been, right? |
Yeah it should have been removed by my other PR where I cleaned those up... anyway - now looks good ✅ |
No tests so far (including no manual ones), and I think testing this automatically would have to involve stubbing out the
win-export-certificate-and-key
package.