stoty commented on code in PR #2270: URL: https://github.com/apache/zookeeper/pull/2270#discussion_r2193127088
########## zookeeper-docs/src/main/resources/markdown/zookeeperAdmin.md: ########## @@ -1776,6 +1776,16 @@ and [SASL authentication for ZooKeeper](https://cwiki.apache.org/confluence/disp Specifies whether Online Certificate Status Protocol is enabled in client and quorum TLS protocols. Default: false +* *ssl.tcnative.ocsp* and *ssl.quorum.tcnative.ocsp* : Review Comment: There are two distinct ways to enable (request) OCSP stapling depending on the TLS provider: https://docs.oracle.com/javase/8/docs/technotes/guides/security/jsse/ocsp.html#setting-up-a-java-client-to-use-ocsp-stapling "ssl.ocsp.stapling" would mask the fact that this is only for the netty tcnative/openssl provider. We could use "ssl.tcnative.ocsp.stapling" or "ssl.openssl.ocsp.stapling" . -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@zookeeper.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
