[SERVER-47804] On Windows, warn user about slow OCSP responses Created: 27/Apr/20  Updated: 29/Oct/23  Resolved: 17/Aug/21

Status: Closed
Project: Core Server
Component/s: None
Affects Version/s: None
Fix Version/s: 5.1.0-rc0

Type: Improvement Priority: Major - P3
Reporter: Mark Benvenuto Assignee: Erwin Pe
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Related
Backwards Compatibility: Fully Compatible
Sprint: Security 2021-08-23
Participants:
Linked BF Score: 16

 Description   

On Windows, OCSP information for certificates is retrieved as part of GetCertificateChain. If the OCSP information is not cached, Windows will synchronously make requests for OCSP and/or CRL information. If these OCSP and/or CRL servers are slow to respond, this gives the user a poor user experience and may cause overall connection timeouts.

We should warn users if connections take more than a certain threshold, say 5 seconds.



 Comments   
Comment by Vivian Ge (Inactive) [ 06/Oct/21 ]

Updating the fixversion since branching activities occurred yesterday. This ticket will be in rc0 when it’s been triggered. For more active release information, please keep an eye on #server-release. Thank you!

Comment by Githook User [ 17/Aug/21 ]

Author:

{'name': 'Erwin Pe', 'email': 'erwin.pe@mongodb.com', 'username': 'erwee'}

Message: SERVER-47804 On Windows, warn user about slow OCSP responses
Branch: master
https://github.com/mongodb/mongo/commit/fef0c3a59f8f84b143dd31e48fbd70890998cf89

Generated at Thu Feb 08 05:15:17 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.