Select the OCSP Responder-Server tab of the Configuration page to configure optional OCSP responder settings.

Mandatory: No

HTTP Error

The HTTP error returned in the OCSP response body for failed requests. See the table below for the value returned when enabling  or disabling  this parameter.

Mandatory:  No. This optional value defaults to .

Response Profile ID

The identifier of the profile for generating OCSP responses. 

Mandatory: No. This optional value defaults to the basic identifier of the only supported profile. This profile:

1. Sets byKey as responder identifier.
2. If present in the request, copies the id-pkix-ocsp-nonce extension value in the response.
3. Signs the response with the SHA-256 algorithm.

Keep alive

The TCP keep-alive timeouts on accepted connections. 

Mandatory: No. This optional value defaults to 3 minutes.

Listen limit

The maximum number of outstanding requests.

Mandatory: No. This optional value defaults to 0 (no limit).

Graceful timeout

The grace period before shutting down the server.

Mandatory: No. This optional value defaults to 15 seconds.

Max body bytes

The maximum number of bytes allowed in the request body.

Mandatory: No. This optional value defaults to 8192.

Max header bytes

The maximum number of bytes allowed for keys and values in the request header, including the request line. 

Mandatory: No. This optional value defaults to 1024.

Idle timeout

The maximum period to wait for the next request when keep-alives are enabled.

Mandatory: No. This optional value defaults to 10 seconds.

Write timeout

The maximum period allowed for writing a response. When this period expires, the request gets the following response.

Mandatory: No. This optional value defaults to 60 seconds.

Read timeout

The maximum allowed period for reading an entire request, including the body. When this period expires, the request gets the following response.

Mandatory: No. This optional value defaults to 60 seconds.