-
Type:
Bug
-
Resolution: Gone away
-
Priority:
Major - P3
-
None
-
Affects Version/s: None
-
Component/s: Tests
-
None
test-ocsp-valid-cert-server-staples fails with this error:
[P: 70] [2020/03/20 17:46:39.670] ERROR: test_tls (__main__.TestOCSP) [P: 70] [2020/03/20 17:46:39.670] ---------------------------------------------------------------------- [P: 70] [2020/03/20 17:46:39.670] Traceback (most recent call last): [P: 70] [2020/03/20 17:46:39.670] File "test/ocsp/test_ocsp.py", line 66, in test_tls [P: 70] [2020/03/20 17:46:39.670] _connect(options) [P: 70] [2020/03/20 17:46:39.670] File "test/ocsp/test_ocsp.py", line 39, in _connect [P: 70] [2020/03/20 17:46:39.670] client.admin.command('ismaster') [P: 70] [2020/03/20 17:46:39.670] File "/data/mci/0f58b851d10c4943d969da7adea92eeb/src/pymongo/database.py", line 730, in command [P: 70] [2020/03/20 17:46:39.670] with self.__client._socket_for_reads( [P: 70] [2020/03/20 17:46:39.670] File "/opt/python/3.8/lib/python3.8/contextlib.py", line 113, in __enter__ [P: 70] [2020/03/20 17:46:39.670] return next(self.gen) [P: 70] [2020/03/20 17:46:39.670] File "/data/mci/0f58b851d10c4943d969da7adea92eeb/src/pymongo/mongo_client.py", line 1307, in _socket_for_reads [P: 70] [2020/03/20 17:46:39.670] server = self._select_server(read_preference, session) [P: 70] [2020/03/20 17:46:39.670] File "/data/mci/0f58b851d10c4943d969da7adea92eeb/src/pymongo/mongo_client.py", line 1262, in _select_server [P: 70] [2020/03/20 17:46:39.670] server = topology.select_server(server_selector) [P: 70] [2020/03/20 17:46:39.670] File "/data/mci/0f58b851d10c4943d969da7adea92eeb/src/pymongo/topology.py", line 234, in select_server [P: 70] [2020/03/20 17:46:39.670] return random.choice(self.select_servers(selector, [P: 70] [2020/03/20 17:46:39.670] File "/data/mci/0f58b851d10c4943d969da7adea92eeb/src/pymongo/topology.py", line 193, in select_servers [P: 70] [2020/03/20 17:46:39.670] server_descriptions = self._select_servers_loop( [P: 70] [2020/03/20 17:46:39.670] File "/data/mci/0f58b851d10c4943d969da7adea92eeb/src/pymongo/topology.py", line 209, in _select_servers_loop [P: 70] [2020/03/20 17:46:39.670] raise ServerSelectionTimeoutError( [P: 70] [2020/03/20 17:46:39.670] pymongo.errors.ServerSelectionTimeoutError: [('SSL routines', 'tls_process_initial_server_flight', 'invalid status response')]
appears that pymongo rejects the connections because the server does not staple:
[P: 70] [2020/03/20 17:46:39.661] EDEBUG:pymongo.ocsp_support:Peer presented a must-staple cert [P: 70] [2020/03/20 17:46:39.661] DEBUG:pymongo.ocsp_support:Peer did not staple an OCSP response [P: 70] [2020/03/20 17:46:39.661] DEBUG:pymongo.ocsp_support:Must-staple cert with no stapled response, hard fail.
The server logs indicate that it could not contact the OCSP responder:
{"t":{"$date":"2020-03-20T17:46:24.206+00:00"},"s":"D1","c":"-", "id":23074,"ctx":"OCSPManagerHTTP-1","msg":"User Assertion: {status} {file} {line}","attr":{"status":"OperationFailed: Bad HTTP response from API server: Couldn't connect to server","file":"src/mongo/util/net/http_client_curl.cpp","line":326}}
{"t":{"$date":"2020-03-20T17:46:24.222+00:00"},"s":"W", "c":"NETWORK", "id":23233,"ctx":"OCSPManagerHTTP-0","msg":"Could not staple OCSP response to outgoing certificate."}
{"t":{"$date":"2020-03-20T17:46:24.223+00:00"},"s":"D1","c":"-", "id":23074,"ctx":"OCSPManagerHTTP-1","msg":"User Assertion: {status} {file} {line}","attr":{"status":"OperationFailed: Bad HTTP response from API server: Couldn't connect to server","file":"src/mongo/util/net/http_client_curl.cpp","line":326}}
{"t":{"$date":"2020-03-20T17:46:24.234+00:00"},"s":"W", "c":"NETWORK", "id":23233,"ctx":"OCSPManagerHTTP-0","msg":"Could not staple OCSP response to outgoing certificate."}
- depends on
-
SERVER-47051 Investigate OCSP failures on 4.3.4 and on 4.5.0
-
- Closed
-
- related to
-
-
- Closed
-