[SERVER-59825] Include the Connection ID in OCSP Error Messages within mongoD logs Created: 03/Sep/21 Updated: 27/Oct/23 Resolved: 21/Jan/22 |
|
| Status: | Closed |
| Project: | Core Server |
| Component/s: | None |
| Affects Version/s: | None |
| Fix Version/s: | None |
| Type: | Improvement | Priority: | Major - P3 |
| Reporter: | Aaron Bromberg | Assignee: | Spencer Jackson |
| Resolution: | Community Answered | Votes: | 1 |
| Labels: | None | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Sprint: | Security 2022-01-24 |
| Participants: |
| Description |
|
Problem: Example:
This makes filtering internal Atlas issues difficult to separate from client-side issues, and has lead to multiple support tickets where customer quote these log lines as reasons for application connection problems. Proposed Solution: |
| Comments |
| Comment by Spencer Jackson [ 21/Jan/22 ] |
|
As a note, OCSP can happen in several places: |
| Comment by Aaron Bromberg [ 30/Dec/21 ] |
|
Hi spencer.jackson. Since the OCSP validation is supposed to happen in the background, do you know if we are expecting to show INFO and WARN OCSP log lines in the mongod logs within Atlas when OCSP is enabled in the driver/client? |
| Comment by Spencer Jackson [ 30/Dec/21 ] |
|
Hello aaron.bromberg, I do not believe this request is possible, because the "Fetch and Staple" operation is performed independently from any client connection. It is a background operation which pre-emptively requests OCSP responses and readies them to transmission to future clients. The error message that you're observing could be related to |
| Comment by Lauren Lewis (Inactive) [ 21/Dec/21 ] |
|
Moving to backlog-server-security for triage. |