Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-56848

RHEL 8.0 Server with OCSP and TLS fails to work

    XMLWordPrintable

Details

    • Bug
    • Status: Closed
    • Major - P3
    • Resolution: Won't Fix
    • None
    • None
    • Security
    • None
    • ALL
    • Security 2021-05-31

    Description

      When trying to switch the Go driver to run OCSP stapling tests against RHEL 8.0 instead of Ubuntu 18.04, we found similar issues to SERVER-51364.

      It looks like OpenSSL on RHEL 8.0 might also have a bug in it. When servers running using this version of OpenSSL try to speak with a Go client with OCSP Stapling, the connection establishment will fail with "tls: unexpected message".

      This problem is very similar to the one in Ubuntu 18.04, so they may be related. Note that OCSP stapling seems to work just fine on RHEL 7.0, so the Go driver will test our OCSP functionality against that for now. Here are failures with stapling with RHEL 8.0 and the Go driver, and here are the same tests succeeding on RHEL 7.0.

      Attachments

        Issue Links

          Activity

            People

              shreyas.kalyan@mongodb.com Shreyas Kalyan
              benji.rewis@mongodb.com Benji Rewis
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: