[jdk17u-dev] RFR: 8179502: Enhance OCSP, CRL and Certificate Fetch Timeouts
Alexey Bakhtin
abakhtin at openjdk.org
Mon Nov 11 18:55:41 UTC 2024
On Mon, 11 Nov 2024 16:17:46 GMT, Severin Gehwolf <sgehwolf at openjdk.org> wrote:
> Pasting @GoeLin's question from #2754 here:
>
> > What happens if someone has set com.sun.security.crl.timeout and installs the update. Will that value be taken over to com.sun.security.ocsp.readtimeout, or will that fall back to 15s?
Hi @GoeLin, you are right. The new "com.sun.security.ocsp.readtimeout" property is set independently of "com.sun.security.crl.timeout". In your case, it will fall back to the default 15s value. It changes current behavior.
I can update this logic to change the default read timeout to the "com.sun.security.crl.timeout" value.
-------------
PR Comment: https://git.openjdk.org/jdk17u-dev/pull/2747#issuecomment-2468827206
More information about the jdk-updates-dev
mailing list