fix tests

Author: qingyang-hu

internal/integration/client_side_encryption_prose_test.go

@@ -1637,11 +1637,11 @@ func TestClientSideEncryptionProse(t *testing.T) {
 				_, err = cpt.clientEnc.CreateDataKey(context.Background(), tc.name, dkOpts)
 				// check if current test case is KMIP, which should pass
 				if tc.name == "kmip" {
-					assert.Nil(mt, err, "expected no error, got err: %v", err)
+					assert.Nil(mt, err, "expected no error, got err: %v, %s", err, tlsClientCertificateKeyFileKMIP)
 				} else {
 					assert.NotNil(mt, err, "expected error, got nil")
 					assert.True(mt, strings.Contains(err.Error(), tc.tlsError),
-						"expected error '%s' to contain '%s'", err.Error(), tc.tlsError)
+						"expected error '%s' to contain '%s', %s", err.Error(), tc.tlsError, tlsClientCertificateKeyFileKMIP)
 				}
 
 				// call CreateDataKey with expired CEO each provider and same masterKey
@@ -2988,8 +2988,16 @@ func TestClientSideEncryptionProse(t *testing.T) {
 			mt.Skipf("Skipping test as KMS_FAILPOINT_SERVERS_RUNNING is not set")
 		}
 
-		tlsCfg := &tls.Config{
-			InsecureSkipVerify: true,
+		mt.Parallel()
+
+		var tlsCfg *tls.Config
+		if tlsCAFileKMIP != "" {
+			var err error
+			clientAndCATlsMap := map[string]interface{}{
+				"tlsCAFile": tlsCAFileKMIP,
+			}
+			tlsCfg, err = options.BuildTLSConfig(clientAndCATlsMap)
+			require.Nil(mt, err, "BuildTLSConfig error: %v", err)
 		}
 
 		setFailPoint := func(failure string, count int) error {
@@ -3023,7 +3031,7 @@ func TestClientSideEncryptionProse(t *testing.T) {
 		require.NoError(mt, err, "error on NewClientEncryption: %v", err)
 
 		err = setFailPoint("network", 1)
-		require.NoError(mt, err, "mock server error: %v", err)
+		require.NoError(mt, err, "mock server error: %v, %s", err, tlsCAFileKMIP)
 
 		dkOpts := options.DataKey().SetMasterKey(
 			bson.D{