[SERVER-49280] Investigate issues with ocspValidationRefreshPeriodSecs Created: 02/Jul/20 Updated: 29/Oct/23 Resolved: 12/Nov/20 |
|
| Status: | Closed |
| Project: | Core Server |
| Component/s: | Security |
| Affects Version/s: | None |
| Fix Version/s: | 4.9.0, 4.4.4 |
| Type: | Bug | Priority: | Major - P3 |
| Reporter: | Shreyas Kalyan | Assignee: | Shreyas Kalyan |
| Resolution: | Fixed | Votes: | 0 |
| Labels: | None | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Issue Links: |
|
||||||||
| Backwards Compatibility: | Fully Compatible | ||||||||
| Backport Requested: |
v4.4
|
||||||||
| Sprint: | Security 2020-11-16 | ||||||||
| Participants: | |||||||||
| Description |
|
If ocspValidationRefreshPeriodSecs is set and the interval between the current time and next update is less than the interval, the server will have a down period where there isn’t a stapled response. When the first OCSP response is processed, if the nextUpdate field is sooner than ocspValidationRefreshPeriodSecs, the nextUpdate field should override the refresh value. |
| Comments |
| Comment by Githook User [ 25/Jan/21 ] |
|
Author: {'name': 'Shreyas Kalyan', 'email': 'shreyas.kalyan@10gen.com', 'username': 'shreyaskalyan'}Message: (cherry picked from commit add2cc96db696e9295e3dc7a56337b28e13fd0a8) |
| Comment by Githook User [ 11/Nov/20 ] |
|
Author: {'name': 'Shreyas Kalyan', 'email': 'shreyas.kalyan@10gen.com', 'username': 'shreyaskalyan'}Message: |