Page MenuHomePhabricator

acme-chief should be able to refresh OCSP stapling response even if the renewal process fails
Open, MediumPublic

Description

As seen on T243948, currently acme-chief won't refresh the OCSP stapling response if for any reason it's unable to renew the certificate. Taking into account that a cert lives up to 3 months and OCSP responses only 1 week, acme-chief needs to renew them even if the renewal process is failing

Event Timeline

Vgutierrez triaged this task as Medium priority.Feb 4 2020, 1:41 PM
Vgutierrez created this task.
Vgutierrez moved this task from Triage to TLS on the Traffic board.