Repository: trafficserver Updated Branches: refs/heads/master 0b6244a5a -> a2328d635
Added proxy.config.ssl.ocsp configuration directives. Project: http://git-wip-us.apache.org/repos/asf/trafficserver/repo Commit: http://git-wip-us.apache.org/repos/asf/trafficserver/commit/fbf5c661 Tree: http://git-wip-us.apache.org/repos/asf/trafficserver/tree/fbf5c661 Diff: http://git-wip-us.apache.org/repos/asf/trafficserver/diff/fbf5c661 Branch: refs/heads/master Commit: fbf5c6611e277f4e6e9d095f2022665cc12c85f6 Parents: 0b6244a Author: Steven Feltner <[email protected]> Authored: Thu Oct 8 14:51:25 2015 -0700 Committer: James Peach <[email protected]> Committed: Thu Oct 8 20:15:53 2015 -0700 ---------------------------------------------------------------------- .../configuration/records.config.en.rst | 26 ++++++++++++++++++-- 1 file changed, 24 insertions(+), 2 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/trafficserver/blob/fbf5c661/doc/reference/configuration/records.config.en.rst ---------------------------------------------------------------------- diff --git a/doc/reference/configuration/records.config.en.rst b/doc/reference/configuration/records.config.en.rst index 845580d..9a61511 100644 --- a/doc/reference/configuration/records.config.en.rst +++ b/doc/reference/configuration/records.config.en.rst @@ -2585,6 +2585,28 @@ Client-Related Configuration Specifies the location of the certificate authority file against which the origin server will be verified. +OCSP Stapling Configuration +=========================== + +.. ts:cv:: CONFIG proxy.config.ssl.ocsp.enabled INT 0 + + Enable OCSP stapling. + + - ``0`` = disables OCSP Stapling + - ``1`` = allows Traffic Server to request SSL certificate revocation status from an OCSP responder. + +.. ts:cv:: CONFIG proxy.config.ssl.ocsp.cache_timeout INT 3600 + + Number of seconds before an OCSP response expires in the stapling cache. + +.. ts:cv:: CONFIG proxy.config.ssl.ocsp.request_timeout INT 10 + + Timeout (in seconds) for queries to OCSP responders. + +.. ts:cv:: CONFIG proxy.config.ssl.ocsp.update_period INT 60 + + Update period (in seconds) for stapling caches. + ICP Configuration ================= @@ -2948,11 +2970,11 @@ Value Effect 2 Do not accept inbound connections until cache initialization has finished and been sufficiently successful that cache is enabled. This means at least one cache span is usable. If there are no - spans in :configfile:`storage.config` or none of the spans can be successfully parsed and + spans in :file:`storage.config` or none of the spans can be successfully parsed and initialized then Traffic Server will shut down. 3 Do not accept inbound connections until cache initialization has finished and been completely - successful. This requires at least one cache span in :configfile:`storage.config` and that every + successful. This requires at least one cache span in :file:`storage.config` and that every span specified is valid and successfully initialized. Any error will cause Traffic Server to shut down. ===== ====================
