https://bz.apache.org/bugzilla/show_bug.cgi?id=64135
Bug ID: 64135
Summary: OCSP Stapling doesn't handle Keep-Alive responses
properly, causing delays/timeouts
Product: Apache httpd-2
Version: 2.4.41
Hardware: PC
OS: Linux
Status: NEW
Severity: normal
Priority: P2
Component: mod_ssl
Assignee: [email protected]
Reporter: [email protected]
Target Milestone: ---
Created attachment 37010
--> https://bz.apache.org/bugzilla/attachment.cgi?id=37010&action=edit
Ocsp strace
When httpd(8) sends ocsp requests via mod_ssl and the OCSP server offers
keep-alive option, the connection is not immediately closed after OCSP response
but the server waits for keep-alive connection to expire.
In the log file attached, the actual stapling response is received at
1556058446.291592, but the connection isn't closed until 1556058456.291508 (10
seconds later) because of the keep-alive timeout of exactly 10 seconds.
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
