About this task
This configuration step applies only when delayed certificate
authentication has been enabled.
Complete the following steps:
Procedure
- Verify that certificate authentication is enabled. See Enabling certificate authentication.
- Edit the WebSEAL configuration file. In the [certificate] stanza,
adjust the value of cert-cache-timeout as necessary.
For example:
[certificate]
cert-cache-timeout = 120
The value is the maximum lifetime
for an entry in the cache, expressed as a number of seconds. Use the
default value unless your conditions warrant modifying it. Possible
reasons to modify the value include:
- Systems with memory restrictions might need a reduced expiration
time.
- The expiration time might need to be increased if there is a significant
lag between the time when the user initiates a certificate transfer
and when the user actually submits the certificate.
- Lower values clean out the cache sooner when no certificate authentications
are required. Cleaning the cache frees system memory.