On 8/30/2020 10:26 PM, Kyle Hamilton wrote: > Could this be dealt with by the simple removal of any caching layer > between an SSL_CTX and a directory processed by openssl c_rehash? > Would reading the filesystem on every certificate verification be too > heavy for your use case?
That might well be sufficient. Rereading the file would probably be low-cost compared to the network connection. -- Jordan Brown, Oracle ZFS Storage Appliance, Oracle Solaris
