script to prime nginx's OCSP cache

[173279834462]

#!/bin/ksh -e
#
# The purpose of this script is to prime the OCSP cache of nginx. 
#
# Ideally, nginx would prime its worker processes ahead of any client
request. 
# There are two events that ought to trigger this behaviour: 
# the server start-up, and each time a cache expires. 
#
# In reality, nginx stands still until a client hits a worker process, 
# then the specific worker process primes its own cache only. 
# 
# Therefore, this script can only prime those worker processes that respond:

# if the script hapens to hit the same worker processes, 
# the remaining ones will still need to be primed. To solve this problem, 
# a stripped version of the script may run as a midnight cron job. 
#

fqdn="$1";

if [[ "$fqdn" == "" ]]; then
   echo "usage: $0 FQDN";
   exit 0;
fi

clearLastLine() {
   tput cuu 1 && tput el;
}

echo "Priming nginx's OCSP cache:";
echo "";

_iterations="20";
for (( COUNTER=1; COUNTER<=$_iterations; COUNTER++ )); do
   clearLastLine;
   echo -n "iteration $COUNTER of $_iterations: ";
   fail=true;
   while $fail; do
      response="$( ./read_ocsp.sh $fqdn 2>&1 | tail -1 )"; 
      if [[ "$response" =~ "OCSP response: no response sent" 
         || "$response" == "" ]]; then
         echo -n ".";
         sleep 6; # wait for the OCSP update
      else
         echo "OK";
         sleep 3;
         fail=false;
      fi
   done
done

Posted at Nginx Forum: https://forum.nginx.org/read.php?2,262731,262731#msg-262731