RavenDB-21872 Add certificate subject information to logs

haludi · Dec 31, 2023 · b39bbfe · b39bbfe
1 parent 0995ae7
commit b39bbfe
Show file tree

Hide file tree

Showing 4 changed files with 12 additions and 5 deletions.
diff --git a/src/Raven.Server/RavenServer.cs b/src/Raven.Server/RavenServer.cs
@@ -1250,14 +1250,14 @@ public async Task StartCertificateReplicationAsync(byte[] certBytes, bool replac
                 {
                     if (Logger.IsOperationsEnabled)
                     {
-                        Logger.Operations($"The new certificate matches the current one. No further steps needed.");
+                        Logger.Operations($"The new certificate matches the current one. No further steps needed. {Certificate.Certificate.GetBasicCertificateInfo()}");
                     }
                     return;
                 }
 
                 if (Logger.IsOperationsEnabled)
                 {
-                    Logger.Operations($"Starting certificate replication. old:{Certificate.Certificate.Thumbprint}, new:{newCertificate.Thumbprint}");
+                    Logger.Operations($"Starting certificate replication. current:{Certificate.Certificate.GetBasicCertificateInfo()}, new:{newCertificate.GetBasicCertificateInfo()}");
                 }
 
                 // During replacement of a cluster certificate, we must have both the new and the old server certificates registered in the server store.

diff --git a/src/Raven.Server/Utils/CertificateUtils.cs b/src/Raven.Server/Utils/CertificateUtils.cs
@@ -616,6 +616,11 @@ private static X509Certificate2 BuildNewPfx(SetupInfo setupInfo, X509Certificate
 
             return CertificateLoaderUtil.CreateCertificate(certBytes, flags: CertificateLoaderUtil.FlagsForExport);
         }
+
+        public static string GetBasicCertificateInfo(this X509Certificate2 certificate)
+        {
+            return $"{{\"Thumbprint\":\"{certificate.Thumbprint}\", \"Subject\":\"{certificate.Subject}\"}}";
+        }
     }
     public static class PublicKeyPinningHashHelpers
     {

diff --git a/src/Raven.Server/Web/Authentication/AdminCertificatesHandler.cs b/src/Raven.Server/Web/Authentication/AdminCertificatesHandler.cs
@@ -996,7 +996,7 @@ public async Task ReplaceClusterCert()
                         var timeoutTask = TimeoutManager.WaitFor(TimeSpan.FromSeconds(60), ServerStore.ServerShutdown);
                         if (Logger.IsOperationsEnabled)
                         {
-                            Logger.Operations("Initiating the replacement of the certificate upon explicit request");
+                            Logger.Operations("Initiating the replacement of the certificate upon explicit request - \"/admin/certificates/replace-cluster-cert\".");
                         }
                         var replicationTask = Server.StartCertificateReplicationAsync(certBytes, replaceImmediately, GetRaftRequestIdFromQuery());
 

diff --git a/test/SlowTests/ExtensionPoints/ExtensionPointsTests.cs b/test/SlowTests/ExtensionPoints/ExtensionPointsTests.cs
@@ -361,7 +361,7 @@ exit 1
             Assert.True(Server.Certificate.Certificate.Equals(serverCertificate));
         }
 
-        [Fact]
+        [RavenFact(RavenTestCategory.Certificates)]
         public async Task RenewCertificate_WhenGetTheSame_ShouldNotTriggerUpdatedServerCertificate()
         {
             var customSettings = new ConcurrentDictionary<string, string>();
@@ -417,12 +417,14 @@ exit 1
             }
 
             var ts = new TaskCompletionSource();
-            Server.ServerStore.Engine.StateMachine.Changes.ValueChanged += async (index, type) =>
+            Server.ServerStore.Engine.StateMachine.Changes.ValueChanged += (index, type) =>
             {
                 if (type == nameof(InstallUpdatedServerCertificateCommand))
                 {
                     ts.SetResult();
                 }
+
+                return Task.CompletedTask;
             };
 
             using (var store = GetDocumentStore(new Options