[ https://issues.apache.org/jira/browse/TS-3007?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Leif Hedstrom updated TS-3007: ------------------------------ Fix Version/s: 5.2.0 > Stats for all TLS alerts defined in RFC 5246 > ---------------------------------------------- > > Key: TS-3007 > URL: https://issues.apache.org/jira/browse/TS-3007 > Project: Traffic Server > Issue Type: Improvement > Reporter: Alexey Ivanov > Fix For: 5.2.0 > > > Currently we collect following TLS alerts stats: > {code} > proxy.process.ssl.user_agent_other_errors=0 > proxy.process.ssl.user_agent_expired_cert=0 > proxy.process.ssl.user_agent_revoked_cert=0 > proxy.process.ssl.user_agent_unknown_cert=0 > proxy.process.ssl.user_agent_cert_verify_failed=0 > proxy.process.ssl.user_agent_bad_cert=0 > proxy.process.ssl.user_agent_decryption_failed=0 > proxy.process.ssl.user_agent_wrong_version=0 > proxy.process.ssl.user_agent_unknown_ca=0 > /* + same set for origin_server */ > {code} > Though [RFC 5246] defines following set: > {code} > enum { > close_notify(0), > unexpected_message(10), > bad_record_mac(20), > decryption_failed_RESERVED(21), > record_overflow(22), > decompression_failure(30), > handshake_failure(40), > no_certificate_RESERVED(41), > bad_certificate(42), > unsupported_certificate(43), > certificate_revoked(44), > certificate_expired(45), > certificate_unknown(46), > illegal_parameter(47), > unknown_ca(48), > access_denied(49), > decode_error(50), > decrypt_error(51), > export_restriction_RESERVED(60), > protocol_version(70), > insufficient_security(71), > internal_error(80), > user_canceled(90), > no_renegotiation(100), > unsupported_extension(110), > (255) > } AlertDescription; > {code} > Probably we want to adjust ATS naming and number of collected stats to match > RFC. > Also maybe it's good idea to put them under {{proxy.process.ssl.alerts}} > [RFC 5246] http://tools.ietf.org/html/rfc5246#section-7.2 > [~briang] Can you take a look into it? -- This message was sent by Atlassian JIRA (v6.2#6252)