[CXX-2006] Add single responder OCSP certificates to drivers-evergreen-tools Created: 28/Apr/20  Updated: 04/May/20  Resolved: 04/May/20

Status: Closed
Project: C++ Driver
Component/s: None
Affects Version/s: None
Fix Version/s: None

Type: Improvement Priority: Major - P3
Reporter: Backlog - Core Eng Program Management Team Assignee: Unassigned
Resolution: Won't Do Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified


 Description   

Description of Drivers Ticket:

The certificates in drivers-evergreen-tools currently have two OCSP endpoints defined, with the mock responder listening on the port defined in endpoint #2 in order to test whether a driver's TLS library will utilize all endpoints defined in a certificate to determine its revocation status.

john.stewart and I determined that Java hard-fails when it is unable to reach out to an OCSP endpoint, even if there is another valid endpoint available. Thus in order for Java (and drivers whose TLS library exhibits similar behavior), we must create a series of certificates with only a single OCSP endpoint defined.

 
See DRIVERS-1216 for updated details.


Generated at Wed Feb 07 22:04:36 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.