| HttpProxy |
| This object specifies the HTTP proxy server which must be used to access the HTTP certificate servers defined. It takes either an IP-address or a fully qualified domain name. Length: 0 to 255 |
| SocksServer |
| This object specifies the SOCKS server which must be used to access the HTTP and LDAP certificate servers defined. It takes either an IP-address or a fully qualified domain name. Length: 0 to 255 |
| MaxCacheEntries |
| This object specifies the maximum number of certificate-cache entries allowed. Range: 64 to 8192 |
| MaxPathLength |
| This object specifies the maximum number of CA certificates accepted for certificate chains from a trusted root certificate to a peer certificate. Range: 1 to 1024 |
| MaxRestarts |
| This object specifies the maximum number of restarts in one certificate search. |
| MaxCertValidity |
| This object specifies the maximum validity period of a certificate in seconds. A certificate will not be considered valid for a longer period of time even if its validity field specifies a longer period. |
| MaxCrlValidity |
| This object specifies the maximum validity period of a certificate revocation list in seconds. A crl will not be considered valid for a longer period of time even if its validity field specifies a longer period. |
| NegCachePeriod |
| This object specifies the period in seconds a certificate or crl search with a negative result will be remembered. Within this time, no new search will be performed for the same item. Range: 10 to 16777216 |
| PosCachePeriod |
| This object specifies the period in seconds a certificate or crl will be stored in the local certificate cache. |
| LogLevel |
| This object specifies the log level for certificate cache log events. All messages with a level higher than the value specified here are omitted, zero means no logging at all. |