On Sat, Jan 7, 2017 at 9:29 PM, Bj?rn Ketelaars <bjorn.ketelaars at hydroxide.nl> wrote: > From ocserv(8) it is not clear to me if ocserv automatically picks up an > update of the response file as generated by ocsptool. All reloads of files in ocserv (certs and ocsp responses) are done during the maintenance window of the server, something that happens periodically, every 15 minutes. So while the reload will not be imminent it will be done. To force it you can send the HUP signal to server. > ocserv(8) also states that the response file needs to be replaced in an atomic > way. If I'm not mistaken this means: > 1.) Write output of ocsptool to a temp file; > 2.) mv temp file to resonse file (as defined in ocserv.conf: ocsp-response) That's what it means. regards, Nikos
