Hi there, we just had some problems with OCSP stapling as we did not receive responses from OCSP responder which ultimately lead to qtp threadpool congestion.
We enabled OCSP stapling by setting "jdk.tls.server.enableStatusRequestExtension" to true. A thread dump revealed that nearly all threads were waiting to on the OCSP responders answers (see https://gist.github.com/mpfau/5fb8a4ffdf3f7b62c5856b5ef27b8f0a for a thread stack). I thought that server side OCSP stapling had been implemented in a lazy async fashion but it does not seem like this is the case. Did anyone else experience this or has found a solution? Is this a JDK or a jetty problem? Would also be nice if one could define which interface/ip should be used to send OCSP requests. Is that possible? Thanks! Best, Matthias _______________________________________________ jetty-users mailing list [email protected] To unsubscribe from this list, visit https://www.eclipse.org/mailman/listinfo/jetty-users
