Resend - worker_connections are not enough while requesting certificate status

I have seen errors in my logs: worker_connections are not enough while
requesting certificate status

I believe the main problem was that the worker_connections was set too
low,
and I’ve fixed that.

However after looking at the source around the OCSP stapling, I have a
couple questions:

  • It appears that ocsp responses are cached for five minutes, correct?

  • When the cached responses expire, does each worker make a new request?
    Or
    does every new connection cause a request to be sent until one of the
    requests (from each worker) receives a reply and populates the cache?

Hello!

On Mon, Feb 24, 2014 at 09:04:07AM -0500, nginx user wrote:

I have seen errors in my logs: worker_connections are not enough while
requesting certificate status

I believe the main problem was that the worker_connections was set too low,
and I’ve fixed that.

However after looking at the source around the OCSP stapling, I have a
couple questions:

  • It appears that ocsp responses are cached for five minutes, correct?

No. Succesfull responses are cached for an hour, errors are
retried in 5 minuts.

  • When the cached responses expire, does each worker make a new request? Or
    does every new connection cause a request to be sent until one of the
    requests (from each worker) receives a reply and populates the cache?

Each worker does only one request.


Maxim D.
http://nginx.org/