From 4ec9ead1ac994f1759e7fe4392234767a3b14310 Mon Sep 17 00:00:00 2001
From: dandds <38955503+dandds@users.noreply.github.com>
Date: Fri, 15 Mar 2019 14:22:13 -0400
Subject: [PATCH] Update atst/domain/authnid/crl/__init__.py

Co-Authored-By: montana-mil <42577527+montana-mil@users.noreply.github.com>
---
 atst/domain/authnid/crl/__init__.py | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/atst/domain/authnid/crl/__init__.py b/atst/domain/authnid/crl/__init__.py
index 26956f09..3451e30e 100644
--- a/atst/domain/authnid/crl/__init__.py
+++ b/atst/domain/authnid/crl/__init__.py
@@ -182,6 +182,11 @@ class CRLCache(CRLInterface):
         except crypto.X509StoreContextError as err:
             if err.args[0][0] == CRL_EXPIRED_ERROR_CODE:
                 if app.config.get("CRL_FAIL_OPEN"):
+                    self._log_info(
+                        "Encountered expired CRL for certificate with CN {} and issuer CN {}, failing open.".format(
+                            parsed.get_subject().CN, parsed.get_issuer().CN
+                        )
+                    )
                     return True
                 else:
                     raise CRLInvalidException("CRL expired. Args: {}".format(err.args))