[CSHARP-2983] Add URI option to disable certificate revocation checking Created: 29/Feb/20  Updated: 25/Mar/20  Resolved: 10/Mar/20

Status: Closed
Project: C# Driver
Component/s: None
Affects Version/s: None
Fix Version/s: None

Type: Improvement Priority: Major - P3
Reporter: Vincent Kam (Inactive) Assignee: Vincent Kam (Inactive)
Resolution: Done Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Depends
Related

 Description   

The new default for certificate revocation checking is true, per the new OCSP spec, and this may break user applications if their certificates fail revocation checking: this happened to our tests because x509gen certs in drivers-evergreen-tools fail revocation checking. Currently, certificate revocation checking can only be specified with code: thus any application upgrading to a version of the driver that enables this option by default and whose servers ' certificates fail revocation checking would need to disable certificate revocation checking in every single MongoClient in their application: a tedious process especially since MongoClients in our driver are lightweight. Adding a URI option would make it easier for affected applications to upgrade as they could simply update their connection string.
 
If we decide to do to this, we should also create a spec ticket 



 Comments   
Comment by Vincent Kam (Inactive) [ 10/Mar/20 ]

Done as part of: https://jira.mongodb.org/browse/CSHARP-2817

Generated at Wed Feb 07 21:44:02 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.