Certly log get-roots truncated response
46 views
Skip to first unread message
Rob Stradling
Aug 3, 2015, 6:04:04 PM8/3/15
to Ian Carroll, certificate-transparency
Hi Ian. My monitor calls get-roots once a day to check for any changes.
https://log.certly.io/ct/v1/get-roots was returning a response of
272,626 bytes, but today it's only returning 65,034 bytes.
It's clearly truncated (rather than deliberate) because there are no "]"
and "}" characters at the end of the response to complete the JSON object.
Is the close proximity of 65,034 to 64K just a coincidence?
--
Rob Stradling
Senior Research & Development Scientist
COMODO - Creating Trust Online
https://log.certly.io/ct/v1/get-roots was returning a response of
272,626 bytes, but today it's only returning 65,034 bytes.
It's clearly truncated (rather than deliberate) because there are no "]"
and "}" characters at the end of the response to complete the JSON object.
Is the close proximity of 65,034 to 64K just a coincidence?
--
Rob Stradling
Senior Research & Development Scientist
COMODO - Creating Trust Online
Ian Carroll
Aug 5, 2015, 1:50:47 PM8/5/15
to certificate-transparency, i...@certly.io
Uh oh. I'll look into this now. I think it's related to us caching responses.
Ian Carroll
Aug 5, 2015, 1:55:35 PM8/5/15
to certificate-transparency, i...@certly.io
It looks like we got bitten by nginx's proxy buffering, which was not adequately set high enough to allow the entire response to buffer. It's been resolved now.
Pierre Phaneuf
Aug 5, 2015, 2:13:46 PM8/5/15
to certificate-...@googlegroups.com, i...@certly.io
Responses from the CT server can be potentially fairly large, BTW. A
good example is get-entries, which can return a lot of entries,
depending on the parameters (and the flags to ct-server, since it has
a limit).
> --
> You received this message because you are subscribed to the Google Groups
> "certificate-transparency" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to certificate-transp...@googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.
good example is get-entries, which can return a lot of entries,
depending on the parameters (and the flags to ct-server, since it has
a limit).
> You received this message because you are subscribed to the Google Groups
> "certificate-transparency" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to certificate-transp...@googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.
Reply all
Reply to author
Forward
0 new messages