https://bz.apache.org/bugzilla/show_bug.cgi?id=57121
Fabian Wenk <[email protected]> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |[email protected] --- Comment #3 from Fabian Wenk <[email protected]> --- Instead of adding new SSLStaplingRefreshTime, why not just use a fraction (e.g. half) of SSLStaplingStandardCacheTimeout to refresh? But still, if it fails at refresh time, then it has to work when cache timeout is reached. Maybe something like this could work better / be more safe: Try to refresh at half of SSLStaplingStandardCacheTimeout, if it fails try to refresh more often, e.g. every 1/10 of SSLStaplingStandardCacheTimeout until it succeeds and then SSLStaplingStandardCacheTimeout starts again at max. Or simply just try to refresh at every 1/10 of SSLStaplingStandardCacheTimeout. To make less requests to the CA, set default of SSLStaplingStandardCacheTimeout to 86400 (1 day), so the refresh will happen every 2.4 hours. -- You are receiving this mail because: You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
