letsencrypt
/
boulder
mirror of https://github.com/letsencrypt/boulder.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Fix ROCSP Stage 3 metric cardinality explosion (#6341) 

The third argument to signAndSave is intended to be a "cause", to
provide a description of why we are doing a fresh signing that can
be included in our metric labels.

It was mistakenly being set to the serial number of the cert whose
new OCSP response is being generated, causing the number of
unique labels on this metric to explode.

Part of #6339
This commit is contained in:
Aaron Gable 2022-09-02 09:45:24 -07:00 committed by GitHub
parent b7b662e755
commit dcc313cae2
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
ocsp/responder/redis/checked_redis_source.go
View File

@ -123,7 +123,7 @@ func (src *checkedRedisSource) Response(ctx context.Context, req *ocsp.Request)
}
// Otherwise, the DB is authoritative. Trigger a fresh signing.
freshResult, err := src.base.signAndSave(ctx, req, serialString)
freshResult, err := src.base.signAndSave(ctx, req, "stale_redis")
if err != nil {
src.counter.WithLabelValues("sign_and_save_error").Inc()
return nil, err