-
Type:
Bug
-
Resolution: Fixed
-
Priority:
Major - P3
-
Affects Version/s: 1.4.3
-
Component/s: None
-
None
-
Environment:macOS with Secure Transport
Opening this as a tracking ticket for CDRIVER-2624, which describes an issue with TLS renegotiation when the client or server is using Secure Channel and Secure Transport (possible server-side with 3.7.4+).
AFAICT, this is related to mongodb/mongo-php-driver#791, where a user reported the following sporadic exception from a macOS application connecting to an Atlas server:
No suitable servers found (`serverSelectionTryOnce` set): [connection timeout calling ismaster on 'cluster0-shard-00-00-b2gpc.mongodb.net:27017'] [connection timeout calling ismaster on 'cluster0-shard-00-01-b2gpc.mongodb.net:27017'] [TLS handshake failed: -9806 calling ismaster on 'cluster0-shard-00-02-b2gpc.mongodb.net:27017']
The relevant bit here is Secure Transport error code -9806, which corresponds to errSSLClosedAbort. That's a bit vague, but jesse was able to reproduce the same error code in this comment.
This is more relevant since macOS users are likely using Secure Transport in 1.4.x due to formula changes (before Homebrew removed the PHP tap) and our change to PECL defaults in PHPC-1156.
- depends on
-
-
- Closed
-
-
PHPC-1174 Upgrade bundled libbson and libmongoc to 1.10
-
- Closed
-
- related to
-
PHPC-1315 Disable TLS renegotiation when possible
-
- Closed
-
- links to