Details
-
Task
-
Resolution: Fixed
-
Major - P3
-
None
Description
Many of the CSFLE tests currently fail and/or are flaky as a result of certificate validation errors. The problematic tests are:
/client_side_encryption/datakey_and_double_encryption
|
/client_side_encryption/corpus
|
/client_side_encryption/custom_endpoint
|
/client_side_encryption/kms_tls/wrong_host
|
/client_side_encryption/kms_tls_options
|
Some of the errors messages produced include:
TLS handshake failed: Failed OCSP verification
|
|
|
mongoc: OCSP response failed verification: error:27069065:OCSP routines:OCSP_basic_verify:certificate verify error
|
|
|
[TLS handshake failed: Failed certificate verification] does not contain [IP address mismatch]
|
They are currently being skipped, so to work on them, it will first be necessary to remove them from .evergreen/skip-tests.txt and run a patch build to determine the current failure mode(s).
Attachments
Issue Links
- is related to
-
CDRIVER-3620 Audit evergreen matrix
-
- Closed
-
- related to
-
CDRIVER-3814 /client_side_encryption/azureKMS failing on RHEL 7.0 / RHEL 7.1
-
- Closed
-