SSL connections currently log (at logging.WARNING on gen_log) for many errors that may be out of the application's control. For example, when a client IOStream connects to a server with a self-signed certificate, it both raises an exception and logs a warning. It's hardly ever appropriate to do both for client operations; the application can catch the exception and log the error if it wants.
On the server side it's trickier since there is no good place for exceptions to go, but we should probably still downgrade some of this logging. If the client side fails to validate the server's certificate, it sends a "tls alert" to the server, causing the server to raise and log an exception. These messages should at a minimum be downgraded to INFO since they do not indicate a problem with the server.
SSL connections currently log (at logging.WARNING on gen_log) for many errors that may be out of the application's control. For example, when a client IOStream connects to a server with a self-signed certificate, it both raises an exception and logs a warning. It's hardly ever appropriate to do both for client operations; the application can catch the exception and log the error if it wants.
On the server side it's trickier since there is no good place for exceptions to go, but we should probably still downgrade some of this logging. If the client side fails to validate the server's certificate, it sends a "tls alert" to the server, causing the server to raise and log an exception. These messages should at a minimum be downgraded to INFO since they do not indicate a problem with the server.