Select the OCSP Responder-Server tab of the Configuration page to configure optional OCSP responder settings.
Mandatory: No
Read timeout
The maximum allowed period for reading an entire request, including the body. When this period expires, the request gets the following response.
Code=503,Reason=Service Unavailable
Mandatory: No. This optional value defaults to 60 seconds.
Write timeout
The maximum period allowed for writing a response. When this period expires, the request gets the following response.
Code=503,Reason=Service Unavailable
Mandatory: No. This optional value defaults to 60 seconds.
Idle timeout
The maximum period to wait for the next request when keep-alives are enabled.
Mandatory: No. This optional value defaults to 10 seconds.
Max header bytes
The maximum number of bytes allowed for keys and values in the request header, including the request line.
Mandatory: No. This optional value defaults to 1024.
Max body bytes
The maximum number of bytes allowed in the request body.
Mandatory: No. This optional value defaults to 8192.
Graceful timeout
The grace period before shutting down the server.
Mandatory: No. This optional value defaults to 15 seconds.
Listen limit
The maximum number of outstanding requests.
Mandatory: No. This optional value defaults to 0 (no limit).
Keep alive
The TCP keep-alive timeouts on accepted connections.
When this period expires, the server prunes dead TCP connections.
Mandatory: No. This optional value defaults to 3 minutes.
HTTP Error
The HTTP error returned in the OCSP response body for failed requests. See the table below for the value returned when enabling or disabling
this parameter.
Request type |
| |
---|---|---|
Invalid request | HTTP 400 | HTTP 200 |
Valid request that could not be processed | HTTP 404 | HTTP 200 |
Mandatory: No. This optional value defaults to .
Retry Unknown Certificates
Retry fetching the status of certificates classified as unknown after the initial retrieval.
This setting is only effective for certificate profiles that enable the revokedIfUnknown parameter.
Mandatory: No. This optional value defaults to .