Uploaded image for project: 'EJBCA'
  1. EJBCA
  2. ECA-3494

Suppress repeated OcspSigningCache warnings

    Details

    • Type: Improvement
    • Status: Closed
    • Priority: Cosmetic
    • Resolution: Fixed
    • Affects Version/s: EJBCA 6.1.1
    • Fix Version/s: EJBCA 6.2.0
    • Component/s: Protocols
    • Labels:
      None
    • Issue discovered during:
      Integration

      Description

      When org.cesecore.certificates.ocsp.cache.OcspSigningCache reloads the list of valid OCSP signers, it tries to detect a default signer and complains if none is found.

      Since we can cache values in this class, I would suggest that

      • we only show the messages the first time as long as the status does not change.
      • we show when the default responder becomes available
      • if the default responder is once more available, we should reset this flag and show additional failures.

      There is another related inconsistency that should be handled under this issue as well in this class:

      if (log.isDebugEnabled())

      { log.info(...); }

      Example output:
      11:34:13,908 INFO [OcspSigningCache] Default OCSP responder with subject 'CN=ManagementCA,O=EJBCA Sample,C=SE' was not found. OCSP requests for certificates issued by unknown CAs will fail with response code 2 (internal error).
      11:34:13,909 INFO [OcspSigningCache] No default OCSP responder has been configured. OCSP requests for certificates issued by unknown CAs will fail with response code 2 (internal error).

        Attachments

          Activity

            People

            Assignee:
            tomas Tomas Gustavsson
            Reporter:
            johan Johan Eklund
            Verified by:
            Mike Agrenius Kushner
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved: