Add (experimental) STEP_CA_HTTP_TIMEOUT for server HTTP timeouts

[hslatman]

No description provided.

[netops2devops]

Greetings @hslatman

I wrote an ExternalCAS plugin with InCommon as the CA (yet to publish it on GitHub) but I keep running into timeout related error whenever the CA takes more than 15 seconds to sign and return the cert bundle. The timeout errors I notice happen between the ACME client (acme.sh) and the RA (step-ca) because of the hardcoded 15 second WriteTimeout. When I replace the 15 second timeout interval with a higher timeout (say 60 seconds) in the server package and rebuild step-ca, I no longer see the issue and the RA successfully returns a certificate bundle.

I believe your MR is a permanent and much elegant fix than me hardcoding it again with a higher timeout value. Would it be possible to merge this MR into the next release? If there's anything you need me to do (or provide more evidence etc.) I am happy to contribute.

Thanks for maintaining this project.

[hslatman]

Hey @netops2devops,

IIRC I opened this PR to solve an issue one of our customers had, but in the end it turned out to not be necessary to alter the timeouts. I agree that it could still be useful to be able to alter the timeouts, so I'll see what I can do to push this PR forward.

[lbaker-esnet]

Hey @hslatman, has there been any traction on this PR? Thank you for your efforts here!

[netops2devops]

Please let me know if there is anything I can do to help push this forward.