bneradt commented on code in PR #13312:
URL: https://github.com/apache/trafficserver/pull/13312#discussion_r3460912666


##########
src/iocore/net/OCSPStapling.cc:
##########
@@ -1421,7 +1421,7 @@ ssl_callback_ocsp_stapling(SSL *ssl, void *)
   time_t current_time = time(nullptr);
   if ((cinf->resp_derlen == 0 || cinf->is_expire) || (cinf->expire_time < 
current_time && !cinf->is_prefetched)) {
     ink_mutex_release(&cinf->stapling_mutex);
-    Error("ssl_callback_ocsp_stapling: failed to get certificate status for 
%s", cinf->certname);
+    Dbg(dbg_ctl_ssl_ocsp, "ssl_callback_ocsp_stapling: failed to get 
certificate status for %s", cinf->certname);

Review Comment:
   Is this OK to downgrade? The other cert related messages in this function 
are Error. I'm not saying not to downgrade, but I just want to double check 
this is OK. Doesn't the user need to be alerted to issues like this?



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]

Reply via email to