Storing limited data into the database to minimize the database size
|
If your database size grows too quickly because a lot of OCSP Repeater transactions are being logged then the size of log information can be reduced by removing some data columns from the database logs. The following are the attributes which manages the logging of specified column:
- TRANSACTION_LOG_COLUMNS = RelyingPartyId,CertificationAuthorityId,Request,Response,RelyingPartyIp,RelyingPartySigningCert,RelyingPartySTlsCert,ErrorCode
If you remove any of the column in these properties then that column's value will not be stored as part of transaction logging. The columns consuming most resources are "Request" and "Response" and for very high volumes these should be removed.
Usual logging for an OCSP Repeater
- TRANSACTION_LOG_COLUMNS = Request,Response,RelyingPartyIp,ErrorCode
Minimal logging for an OCSP Repeater
- TRANSACTION_LOG_COLUMNS = RelyingPartyId,RelyingPartyIp,ErrorCode
Parameters Mapping with Transactions Log Viewer
- RelyingPartyId: It represents the Signer's Subject Name, this parameter records the Subject DN of OCSP response signing certificate in case of signed OCSP request.
- CertificationAuthorityId: It represents the Signer's CA, this parameter records the User friendly name of the Issuer CA of the OCSP Response signing certificate in case of signed OCSP request.
- Request: It represents the Request, this parameter records the OCSP request.
- Response: It represents the Response, this parameter records the OCSP response.
- RelyingPartyIp: It represents the IP Address, this parameter records the IP address of the requester.
- RelyingPartySigningCert: It represents the Signing Cert, this parameter stores the OCSP request signing certificate in case of signed OCSP request.
- RelyingPartySslCert: It represents the TLS Cert,this parameter stores the TLS Client certificate in case of OCSP request over TSL channel.
- ErrorCode: It represents the Error Code, this parameter records the error message in case of any failure.
|
Transaction logs settings
|
Transactions can be stored either directly or delayed for better performance. The following properties are used for logging:
- TRANSACTION_LOG_MODE = LAZY
Used to decide whether the transactions are kept in memory before these are stored in the database (LAZY logging) or directly stored in the database (EAGER logging). Possible values: LAZY, EAGER In case of LAZY logging the transaction logs are kept in memory upto the number of seconds configured in TRANSACTION_LOG_LAZY_INTERVAL or number of transactions configured in TRANSACTION_LOG_LAZY_RECORD_COUNT whichever is reached first.
- TRANSACTION_LOG_LAZY_INTERVAL = 2
When LAZY logging is configured, transactions are kept in memory upto the configured time or if the configured TRANSACTION_LOG_LAZY_RECORD_COUNT is reached before it.
- TRANSACTION_LOG_LAZY_RECORD_COUNT = 400
When LAZY logging is configured, transactions are kept in memory until the configured number of transactions is reached or if the configured TRANSACTION_LOG_LAZY_INTERVAL is met before it.
|