SSLOCSPCacheLifetime
IT Asset Management
(Cloud)
Command line | Registry
SSLOCSPCacheLifetime
, supported only for UNIX-like
platforms, sets the maximum lifetime of OCSP responses cached in the
SSLOCSPPath, expressed as a whole number of seconds. A cached
response is expired on the earlier of: - Its own
nextUpdate
value (which is the certificate's valid until date), or - The sum of the
SSLOCSPCacheLifetime
and the operating system'sLast modified
date/time on the cached file.
The special value of 0
means that the cache lifetime is disabled, and an
OCSP response expires as set in its nextUpdate
field. (If the OCSP response
does not have any nextUpdate
value when the
SSLOCSPCacheLifetime=0
, the response is not cached.)
Depending on your environment, one possible use is to set this to about 10 minutes (600 seconds). This is sufficient for an agent to complete a policy update, for example, and then refresh the cache on the next occurrence.
Values
Values / range |
Zero, or a positive integer. |
Default value |
|
Example values |
|
Command line
Tool |
Inventory component (ndtrack), and upload component (ndupload) |
Example |
|
Registry
Installed by |
Code internals, or manual configuration |
Computer preference |
[Registry]\ManageSoft\Common or
[Registry]\ManageSoft\<Component>\CurrentVersion
where <Component> is the registry key for an
individual component (Tracker , or Uploader ) |
IT Asset Management (Cloud)
Current