[SERVER-56680] Add high verbosity logs for OCSP stapling Created: 05/May/21  Updated: 09/Jan/24

Status: Open
Project: Core Server
Component/s: Security
Affects Version/s: None
Fix Version/s: None

Type: Improvement Priority: Major - P3
Reporter: Kevin Albertson Assignee: Backlog - Security Team
Resolution: Unresolved Votes: 0
Labels: former-quick-wins
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Backports
Depends
Duplicate
duplicates SERVER-57701 Improve error reporting for OCSP Closed
Gantt Dependency
Related
Assigned Teams:
Server Security
Backport Requested:
v5.0, v4.4
Sprint: Security 2021-06-28, Security 2021-07-12, Security 2021-07-26, Security 2021-08-09, Security 2021-08-23, Security 2021-09-20, Security 2021-10-04, Security 2021-10-18, Security 2021-11-01, Security 2021-11-15, Security 2021-11-29, Security 2022-02-07, Security 2022-02-21, Security 2022-05-02, Security 2022-06-27, Security 2022-07-11, Security 2022-08-08, Security 2022-10-03, Security 2022-10-17, Security 2022-11-14, Security 2022-12-12, Security 2023-05-29, Security 2023-08-07, Security 2023-08-21, Security 2023-09-04, Security 2023-09-18, Security 2023-10-02, Security 2023-10-16, Security 2023-10-30, Security 2023-11-13, Security 2023-11-27, Security 2023-12-11, Security 2023-12-25, Security 2024-01-08
Participants:
Case:
Linked BF Score: 0

 Description   

To help investigate OCSP stapling behavior, it would be helpful if mongod added high verbosity network component logs for debugging in the following scenarios:

  • sending a request to an OCSP responder to staple the server certificate
  • when OCSP stapling is explicitly disabled on a platform

In particular, while investigating the cause of GODRIVER-1961, it was not clear from logs that OCSP stapling was disabled on Ubuntu 18.04.


Generated at Thu Feb 08 05:39:54 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.