OCSP Stapling cache timeout


THE INFORMATION IN THIS ARTICLE APPLIES TO:

  • EFT v7.3.6 and later

DISCUSSION

An administrator would want to set the OCSP Stapling cache timeout to set the frequency of how often EFT either reads from the cache or contacts the CA for a proper response. In a situation where the certificate is revoked, you want the response from the CA and not the cache where it would give you a “good” response (since it’s in cache). When the registry setting is present, EFT will use this value as the number of seconds a given OCSP response will survive in our cache before a new request to the OCSP Responder URL must be made.

HKEY_LOCAL_MACHINE\Software\Wow6432Node\GlobalSCAPE Inc.\EFT Server 7.3\

Name: OCSPStaplingCacheTimeoutSec

Type: DWORD

Default Value: 3600

Minimum Value: 0

Maximum Value: 4294967295

Restart Required: yes

Backup/Restore: yes