Uploaded image for project: 'C Driver'
  1. C Driver
  2. CDRIVER-4347

CSFLE tests failing with certificate validation errors

      Many of the CSFLE tests currently fail and/or are flaky as a result of certificate validation errors. The problematic tests are:

      /client_side_encryption/datakey_and_double_encryption
      /client_side_encryption/corpus
      /client_side_encryption/custom_endpoint
      /client_side_encryption/kms_tls/wrong_host
      /client_side_encryption/kms_tls_options
      

      Some of the errors messages produced include:

      TLS handshake failed: Failed OCSP verification
      
      mongoc: OCSP response failed verification: error:27069065:OCSP routines:OCSP_basic_verify:certificate verify error
      
      [TLS handshake failed: Failed certificate verification] does not contain [IP address mismatch]
      

      They are currently being skipped, so to work on them, it will first be necessary to remove them from .evergreen/skip-tests.txt and run a patch build to determine the current failure mode(s).

            Assignee:
            ezra.chung@mongodb.com Ezra Chung
            Reporter:
            roberto.sanchez@mongodb.com Roberto Sanchez
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Created:
              Updated:
              Resolved: