[ssl]: Decrease log level when common name or subject name are not present in the peer certificate. (#35410)

This a pretty common occurrence (e.g. if the peer has a SPIFFE cert) and is causing lots of log spam, see e.g. b/316690986. Closes #35410 COPYBARA_INTEGRATE_REVIEW=https://github.com/grpc/grpc/pull/35410 from matthewstevenson88:decrease-log-level e74f802114 PiperOrigin-RevId: 595531452
1 year ago · e535be8713
parent 264f4f4f54
commit e535be8713
1 changed files with 3 additions and 2 deletions
--- a/src/core/tsi/ssl_transport_security.cc
+++ b/src/core/tsi/ssl_transport_security.cc
@ -269,13 +269,14 @@ static tsi_result ssl_get_x509_common_name(X509* cert, unsigned char** utf8,
  X509_NAME* subject_name = X509_get_subject_name(cert);
  int utf8_returned_size = 0;
  if (subject_name == nullptr) {
-    gpr_log(GPR_INFO, "Could not get subject name from certificate.");
+    gpr_log(GPR_DEBUG, "Could not get subject name from certificate.");
    return TSI_NOT_FOUND;
  }
  common_name_index =
      X509_NAME_get_index_by_NID(subject_name, NID_commonName, -1);
  if (common_name_index == -1) {
-    gpr_log(GPR_INFO, "Could not get common name of subject from certificate.");
+    gpr_log(GPR_DEBUG,
+            "Could not get common name of subject from certificate.");
    return TSI_NOT_FOUND;
  }
  common_name_entry = X509_NAME_get_entry(subject_name, common_name_index);