Changeset 333bbc7 in mod_gnutls for doc


Ignore:
Timestamp:
Oct 27, 2016, 5:50:18 PM (6 years ago)
Author:
Thomas Klute <thomas2.klute@…>
Branches:
asyncio, debian/master, debian/stretch-backports, main, master, proxy-ticket, upstream
Children:
0a02378
Parents:
c6dda6d
Message:

Configurable OCSP socket timeout

Stalled OCSP requests must time out after a while to prevent stalling
the server too much. However, if the timeout is too short requests may
fail with a slow OCSP responder or high latency network
connection. Using the new GnuTLSOCSPFailureTimeout parameter users can
adjust the timeout if necessary.

All macros defining default values for OCSP related times are now
collected in gnutls_ocsp.h.

File:
1 edited

Legend:

Unmodified
Added
Removed

  • doc/mod_gnutls_manual.mdwn

    rc6dda6d r333bbc7  
    601601one means that stapling will remain disabled for longer after a failed
    602602request.
     603
     604### GnuTLSOCSPSocketTimeout
     605
     606EXPERIMENTAL: Timeout for TCP sockets used to send OCSP requests
     607
     608    GnuTLSOCSPFailureTimeout SECONDS
     609
     610Default: *6*\
     611Context: server config, virtual host
     612
     613Stalled OCSP requests must time out after a while to prevent stalling
     614the server too much. However, if the timeout is too short requests may
     615fail with a slow OCSP responder or high latency network
     616connection. This parameter allows you to adjust the timeout if
     617necessary.
     618
     619Note that this is not an upper limit for the completion of an OCSP
     620request but a socket timeout. The connection will time out if there is
     621no activity (successful send or receive) at all for the configured
     622time.
    603623
    604624* * * * *
Note: See TracChangeset for help on using the changeset viewer.