Loading...

XML

Word

Printable

JSON

Type: Bug
Resolution: Fixed
Priority: Major - P3
Fix Version/s: 5.0.3, 4.4.9, 5.1.0-rc0
Affects Version/s: 5.1 Required
Component/s: Security
Labels:
None

Backwards Compatibility:
Minor Change
Operating System:
ALL
Backport Requested:

v5.0, v4.4
Sprint:
Security 2021-07-12, Security 2021-07-26, Security 2021-08-09
Case:
Confidence Status:
None
Work Order:
3

Aha! Reference:
None
Tracking Level:
None
Risk Status:
None
Exec Notes:
None
Goal Name:
None
Goal Link:
None

tls section may contain CAFile and certificateKeyFile parameters. When CAFile and certificateKeyFile both contain partial certificate chains, the X509_verify_cert call in OCSPFetcher::fetchAndStaple fails with error 20: "unable to get local issuer certificate"

is related to

SERVER-35418 Allow specifying CAs for incoming and outgoing connections separately

Closed

Assignee:: Sergey Galtsev (Inactive)
Reporter:: Sergey Galtsev (Inactive)
Participants:: Githook User, Sergey Galtsev
Votes:: 0 Vote for this issue
Watchers:: 6 Start watching this issue

Created:: Jun 15 2021 06:52:47 PM UTC
Updated:: Oct 29 2023 09:52:10 PM UTC
Resolved:: Aug 06 2021 09:24:47 PM UTC
Confidence Status Last Update:: 26/Jul/21 8:55 PM

Details

Description

Attachments

Issue Links

Activity

People

Dates