stoty commented on code in PR #2270:
URL: https://github.com/apache/zookeeper/pull/2270#discussion_r2193127088


##########
zookeeper-docs/src/main/resources/markdown/zookeeperAdmin.md:
##########
@@ -1776,6 +1776,16 @@ and [SASL authentication for 
ZooKeeper](https://cwiki.apache.org/confluence/disp
     Specifies whether Online Certificate Status Protocol is enabled in client 
and quorum TLS protocols.
     Default: false
 
+* *ssl.tcnative.ocsp* and *ssl.quorum.tcnative.ocsp* :

Review Comment:
   There are two distinct ways to enable (request) OCSP stapling depending on 
the TLS provider:
   
   
https://docs.oracle.com/javase/8/docs/technotes/guides/security/jsse/ocsp.html#setting-up-a-java-client-to-use-ocsp-stapling
   
   "ssl.ocsp.stapling" would mask the fact that this is only for the netty 
tcnative/openssl provider.
   
   We could use "ssl.tcnative.ocsp.stapling"  or "ssl.openssl.ocsp.stapling" .
   



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscr...@zookeeper.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Reply via email to