Feifei Cai created TS-3384:
------------------------------
Summary: Add stats for OCSP Stapling errors
Key: TS-3384
URL: https://issues.apache.org/jira/browse/TS-3384
Project: Traffic Server
Issue Type: Improvement
Components: SSL
Reporter: Feifei Cai
# Add stats for bad OCSP response status: revoked or unknown.
{noformat}
$ traffic_line -m proxy.process.ssl.ssl_ocsp
proxy.process.ssl.ssl_ocsp_revoked_cert_stat 0
proxy.process.ssl.ssl_ocsp_unknown_cert_stat 0
{noformat}
{noformat}
OCSP_resp_find_status(bs, cinf->cid, &status, &reason, &rev, &thisupd,
&nextupd);
switch (status) {
case V_OCSP_CERTSTATUS_GOOD:
break;
case V_OCSP_CERTSTATUS_REVOKED:
SSL_INCREMENT_DYN_STAT(ssl_ocsp_revoked_cert_stat);
break;
case V_OCSP_CERTSTATUS_UNKNOWN:
SSL_INCREMENT_DYN_STAT(ssl_ocsp_unknown_cert_stat);
break;
default:
break;
}
{noformat}
# change debug tag in OCSP Stapling to ssl_ocsp.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
