I have seen errors in my logs: worker_connections are not enough while
requesting certificate status
I believe the main problem was that the worker_connections was set too
low,
and I’ve fixed that.
However after looking at the source around the OCSP stapling, I have a
couple questions:
-
It appears that ocsp responses are cached for five minutes, correct?
-
When the cached responses expire, does each worker make a new request?
Or
does every new connection cause a request to be sent until one of the
requests (from each worker) receives a reply and populates the cache?
Hello!
On Mon, Feb 24, 2014 at 09:04:07AM -0500, nginx user wrote:
I have seen errors in my logs: worker_connections are not enough while
requesting certificate status
I believe the main problem was that the worker_connections was set too low,
and I’ve fixed that.
However after looking at the source around the OCSP stapling, I have a
couple questions:
- It appears that ocsp responses are cached for five minutes, correct?
No. Succesfull responses are cached for an hour, errors are
retried in 5 minuts.
- When the cached responses expire, does each worker make a new request? Or
does every new connection cause a request to be sent until one of the
requests (from each worker) receives a reply and populates the cache?
Each worker does only one request.
–
Maxim D.
http://nginx.org/