Skip to content

Commit 81052d6

Browse files
stevenpoststevenpost
committed
Allow mongosh to use system CA trust store
1 parent 9659beb commit 81052d6

File tree

2 files changed

+2
-0
lines changed

2 files changed

+2
-0
lines changed

lib/facter/is_master.rb

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -25,6 +25,7 @@ def get_options_from_hash_config(config)
2525
result << "--tls --host #{Facter.value(:fqdn)}" if config['net.tls.mode'] == 'requireTLS' || !config['net.tls.certificateKeyFile'].nil? || !config['net.tls.CAFile'].nil?
2626
result << "--tlsCertificateKeyFile #{config['net.tls.certificateKeyFile']}" unless config['net.tls.certificateKeyFile'].nil?
2727
result << "--tlsCAFile #{config['net.tls.CAFile']}" unless config['net.tls.CAFile'].nil?
28+
result << '--tlsUseSystemCA' if config['net.tls.CAFile'].nil?
2829

2930
result << '--ipv6' unless config['net.ipv6'].nil?
3031

lib/puppet/provider/mongodb.rb

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -96,6 +96,7 @@ def self.mongosh_cmd(db, host, cmd)
9696

9797
tls_ca = config['tlsca']
9898
args += ['--tlsCAFile', tls_ca] unless tls_ca.nil?
99+
args += ['--tlsUseSystemCA'] if tls_ca.nil?
99100

100101
args.push('--tlsAllowInvalidHostnames') if tls_invalid_hostnames(config)
101102
end

0 commit comments

Comments
 (0)