[SERVER-42938] Implement Infrastructure for Provisioning and Refreshing OCSP Responses in the Server Created: 20/Aug/19 Updated: 29/Oct/23 Resolved: 14/Feb/20 |
|
| Status: | Closed |
| Project: | Core Server |
| Component/s: | Security |
| Affects Version/s: | None |
| Fix Version/s: | 4.3.4 |
| Type: | New Feature | Priority: | Major - P3 |
| Reporter: | Shreyas Kalyan | Assignee: | Shreyas Kalyan |
| Resolution: | Fixed | Votes: | 0 |
| Labels: | None | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Issue Links: |
|
||||||||||||
| Backwards Compatibility: | Fully Compatible | ||||||||||||
| Sprint: | Security 2019-12-16, Security 2019-12-30, Security 2019-01-13, Security 2019-01-27, Security 2020-02-10, Security 2020-02-24 | ||||||||||||
| Participants: | |||||||||||||
| Description |
|
If the server has a Stapling / MustStaple certificate, then it should cache the responses from the OCSP responder and refresh its response at an interval either specified by user or half the validity rate of the OCSP response. |
| Comments |
| Comment by Githook User [ 13/Feb/20 ] |
|
Author: {'name': 'Shreyas Kalyan', 'username': 'shreyaskalyan', 'email': 'shreyas.kalyan@10gen.com'}Message: create mode 100644 jstests/ocsp/ocsp_server_refresh.js |
| Comment by Shreyas Kalyan [ 07/Feb/20 ] |
|
Code Review: https://mongodbcr.appspot.com/545300249/ |