authorKashish Garg <kashish.garg@mongodb.com>2018-06-05 18:12:18 -0400
committerKashish Garg <kashish.garg@mongodb.com>2018-06-05 18:16:00 -0400
commitb2edffeb92ee554da41f0c40784b889fcec9b173 (patch)
treec10cf2c3d7282c7a3e77d87be42db63680b800b7
parentefe230ec5259206130cb1d0b50911521ccdcdbd2 (diff)
downloadmongo-b2edffeb92ee554da41f0c40784b889fcec9b173.tar.gz
SERVER-35016 Adding commmon log for client/server certificate with LOG(1)
(cherry picked from commit 38f7aa5ad7aa3b7bf1b9ffa0dc28627083e2f8b8)
-rw-r--r--jstests/ssl/ssl_cert_selector_apple.js3
-rw-r--r--src/mongo/util/net/ssl_manager.cpp22
-rw-r--r--src/mongo/util/net/ssl_manager_apple.cpp9
3 files changed, 23 insertions, 11 deletions
diff --git a/jstests/ssl/ssl_cert_selector_apple.js b/jstests/ssl/ssl_cert_selector_apple.js
index 616badb5e07..2de17aea5f5 100644
--- a/jstests/ssl/ssl_cert_selector_apple.js
+++ b/jstests/ssl/ssl_cert_selector_apple.js
@@ -34,7 +34,8 @@ requireSSLProvider('apple', function() {
sslMode: 'requireSSL',
sslCertificateSelector: cert.selector,
sslClusterCertificateSelector: cluster.selector,
- waitForConnect: false
+ waitForConnect: false,
+ setParameter: {logLevel: '1'},
};
clearRawMongoProgramOutput();
const mongod = MongoRunner.runMongod(opts);
diff --git a/src/mongo/util/net/ssl_manager.cpp b/src/mongo/util/net/ssl_manager.cpp
index 24872cb2e4c..f98ac09edb3 100644
--- a/src/mongo/util/net/ssl_manager.cpp
+++ b/src/mongo/util/net/ssl_manager.cpp
@@ -25,6 +25,9 @@
* then also delete it in the license file.
*/
+
+#define MONGO_LOG_DEFAULT_COMPONENT ::mongo::logger::LogComponent::kNetwork
+
#include "mongo/platform/basic.h"
#include "mongo/util/net/ssl_manager.h"
@@ -33,12 +36,14 @@
#include <string>
#include <vector>
+#include "mongo/base/init.h"
#include "mongo/bson/bsonobjbuilder.h"
#include "mongo/config.h"
#include "mongo/db/server_parameters.h"
#include "mongo/platform/overflow_arithmetic.h"
#include "mongo/transport/session.h"
#include "mongo/util/hex.h"
+#include "mongo/util/log.h"
#include "mongo/util/mongoutils/str.h"
#include "mongo/util/net/ssl_options.h"
#include "mongo/util/net/ssl_types.h"
@@ -65,9 +70,9 @@ ExportedServerParameter<std::string, ServerParameterType::kStartupOnly>
setDiffieHellmanParameterPEMFile(ServerParameterSet::getGlobal(),
"opensslDiffieHellmanParameters",
&sslGlobalParams.sslPEMTempDHParam);
-
} // namespace
+
SSLPeerInfo& SSLPeerInfo::forSession(const transport::SessionHandle& session) {
return peerInfoForSession(session.get());
}
@@ -146,6 +151,21 @@ std::string x509OidToShortName(const std::string& name) {
#endif
} // namespace
+MONGO_INITIALIZER_WITH_PREREQUISITES(SSLManagerLogger, ("SSLManager", "GlobalLogManager"))
+(InitializerContext*) {
+ if (!isSSLServer || (sslGlobalParams.sslMode.load() != SSLParams::SSLMode_disabled)) {
+ const auto& config = getSSLManager()->getSSLConfiguration();
+ if (!config.clientSubjectName.empty()) {
+ LOG(1) << "Client Certificate Name: " << config.clientSubjectName;
+ }
+ if (!config.serverSubjectName.empty()) {
+ LOG(1) << "Server Certificate Name: " << config.serverSubjectName;
+ LOG(1) << "Server Certificate Expiration: " << config.serverCertificateExpirationDate;
+ }
+ }
+ return Status::OK();
+}
+
StatusWith<std::string> SSLX509Name::getOID(StringData oid) const {
for (const auto& rdn : _entries) {
for (const auto& entry : rdn) {
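Review bot: The new `SSLManagerLogger` initializer dereferences `getSSLManager()` on the first line inside its guard without checking the pointer. The guard repeats the condition under which `MONGO_INITIALIZER(SSLManager)` in ssl_manager_apple.cpp allocates `theSSLManager`, but the initializers of the other TLS providers are not visible in this diff, so the two conditions may not agree on every build. Fetching the pointer once and testing it, `auto* manager = getSSLManager();` followed by `if (!manager) return Status::OK();`, removes the dependency on the duplicated condition staying in sync. A one-line comment above the initializer, such as `// Runs after SSLManager so the loaded certificate's subject and expiration are logged once for every provider.`, would also record why it lives in the common file.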
diff --git a/src/mongo/util/net/ssl_manager_apple.cpp b/src/mongo/util/net/ssl_manager_apple.cpp
index 01569048e24..7466c18fa6e 100644
--- a/src/mongo/util/net/ssl_manager_apple.cpp
+++ b/src/mongo/util/net/ssl_manager_apple.cpp
@@ -1422,15 +1422,6 @@ MONGO_INITIALIZER(SSLManager)(InitializerContext*) {
stdx::lock_guard<SimpleMutex> lck(sslManagerMtx);
if (!isSSLServer || (sslGlobalParams.sslMode.load() != SSLParams::SSLMode_disabled)) {
theSSLManager = new SSLManagerApple(sslGlobalParams, isSSLServer);
- const auto& config = theSSLManager->getSSLConfiguration();
- log() << "Secure Transport Initialized";
- if (!config.clientSubjectName.empty()) {
- log() << "Client Certificate Name: " << config.clientSubjectName;
- }
- if (!config.serverSubjectName.empty()) {
- log() << "Server Certificate Name: " << config.serverSubjectName;
- log() << "Server Certificate Expiration: " << config.serverCertificateExpirationDate;
- }
}
return Status::OK();
}