3 files changed, 22 insertions, 13 deletions

diff --git a/src/mongo/util/net/ssl_manager_apple.cpp b/src/mongo/util/net/ssl_manager_apple.cpp
index 832e0b54262..98024421e5a 100644
--- a/src/mongo/util/net/ssl_manager_apple.cpp
+++ b/src/mongo/util/net/ssl_manager_apple.cpp
@@ -1675,11 +1675,12 @@ Future<SSLPeerInfo> SSLManagerApple::parseAndValidatePeerCertificate(
     // The cipher will be presented as a number.
     ::SSLCipherSuite cipher;
     uassertOSStatusOK(::SSLGetNegotiatedCipher(ssl, &cipher));
-
-    LOGV2_INFO(6723803,
-               "Accepted TLS connection from peer",
-               "peerSubjectName"_attr = peerSubjectName,
-               "cipher"_attr = cipher);
+    if (!serverGlobalParams.quiet.load()) {
+        LOGV2_INFO(6723803,
+                   "Accepted TLS connection from peer",
+                   "peerSubjectName"_attr = peerSubjectName,
+                   "cipher"_attr = cipher);
+    }
 
     // Server side.
     if (remoteHost.empty()) {
diff --git a/src/mongo/util/net/ssl_manager_openssl.cpp b/src/mongo/util/net/ssl_manager_openssl.cpp
index a8418eed3fa..606dd1e8868 100644
--- a/src/mongo/util/net/ssl_manager_openssl.cpp
+++ b/src/mongo/util/net/ssl_manager_openssl.cpp
@@ -771,6 +771,10 @@ Future<UniqueOCSPResponse> retrieveOCSPResponse(const std::string& host,
         return getSSLFailure("Could not convert type OCSP Response to DER encoded object.");
     }
 
+    if (!OCSPManager::get(getGlobalServiceContext())) {
+        return getSSLFailure("OCSP fetch could not complete, server is in shutdown mode.");
+    }
+
     // Query the OCSP responder
     return OCSPManager::get(getGlobalServiceContext())
         ->requestStatus(buffer, host, purpose)
@@ -3309,10 +3313,12 @@ Future<SSLPeerInfo> SSLManagerOpenSSL::parseAndValidatePeerCertificate(
     // TODO: check optional cipher restriction, using cert.
     auto peerSubject = getCertificateSubjectX509Name(peerCert.get());
     const auto cipher = SSL_get_current_cipher(conn);
-    LOGV2_INFO(6723801,
-               "Accepted TLS connection from peer",
-               "peerSubject"_attr = peerSubject,
-               "cipher"_attr = SSL_CIPHER_get_name(cipher));
+    if (!serverGlobalParams.quiet.load()) {
+        LOGV2_INFO(6723801,
+                   "Accepted TLS connection from peer",
+                   "peerSubject"_attr = peerSubject,
+                   "cipher"_attr = SSL_CIPHER_get_name(cipher));
+    }
 
     StatusWith<stdx::unordered_set<RoleName>> swPeerCertificateRoles =
         _parsePeerRoles(peerCert.get());
diff --git a/src/mongo/util/net/ssl_manager_windows.cpp b/src/mongo/util/net/ssl_manager_windows.cpp
index 782ff15d417..760b81b4e07 100644
--- a/src/mongo/util/net/ssl_manager_windows.cpp
+++ b/src/mongo/util/net/ssl_manager_windows.cpp
@@ -2067,10 +2067,12 @@ Future<SSLPeerInfo> SSLManagerWindows::parseAndValidatePeerCertificate(
     }
     const auto cipher = std::wstring(cipherInfo.szCipherSuite);
 
-    LOGV2_INFO(6723802,
-               "Accepted TLS connection from peer",
-               "peerSubjectName"_attr = peerSubjectName,
-               "cipher"_attr = toUtf8String(cipher));
+    if (!serverGlobalParams.quiet.load()) {
+        LOGV2_INFO(6723802,
+                   "Accepted TLS connection from peer",
+                   "peerSubjectName"_attr = peerSubjectName,
+                   "cipher"_attr = toUtf8String(cipher));
+    }
 
     // If this is a server and client and server certificate are the same, log a warning.
     if (remoteHost.empty() && _sslConfiguration.serverSubjectName() == peerSubjectName) {