JDK-8308601 : Review and adjust Certificate, CRL and OCSP path validation fetch timeout defaults
  • Type: Enhancement
  • Component: security-libs
  • Sub-Component: java.security
  • Priority: P4
  • Status: Closed
  • Resolution: Not an Issue
  • Submitted: 2023-05-22
  • Updated: 2025-02-28
  • Resolved: 2025-02-28
Related Reports
Relates :  
JDK-8179502 - Enhance OCSP, CRL and Certificate Fetch Timeouts
Description
The connect and read timeouts for getting certificates, CRLs and OCSP responses during path validation are currently all set to 15 seconds (15000 milliseconds).  We should review these defaults to make sure they are sized appropriately.
Comments
As per our internal review and discussion, the defaults still seem in line with current best practices. Closing this for now.
28-02-2025