Proceed with cert auth login attempts if ocsp_fail_open is true and servers are unreachable (#25982)

Author: stevendpclark

builtin/credential/cert/backend.go

@@ -26,8 +26,9 @@ const (
 	operationPrefixCert = "cert"
 	trustedCertPath     = "cert/"
 
-	defaultRoleCacheSize = 200
-	maxRoleCacheSize     = 10000
+	defaultRoleCacheSize  = 200
+	defaultOcspMaxRetries = 4
+	maxRoleCacheSize      = 10000
 )
 
 func Factory(ctx context.Context, conf *logical.BackendConfig) (logical.Backend, error) {