how to active the new create OCSP responder as default immediately?

[StocktonC]

Using EJBCA version: 8.2.0.1

i just try to test regenerate a new OCSP responder (i.e. OCSPKeyBindingNew) to replace the existing OCSP responder (i.e. OCSPKeyBinding) which will expire soon. i found that there are delay to take effective when i use command mode to ACTIVE/DISABLED the responder as below step:

1. ./ejbca.sh keybind setstatus --name OCSPKeyBindingNew -v ACTIVE
2. ./ejbca.sh keybind setstatus --name OCSPKeyBinding -v DISABLED
3. openssl ocsp -issuer /issuer.pem -CAfile /CA.pem -url http://192.168.33.200:8080/ocsp -serial 1234567890 -text

i found that it keep using the old OCSP responder => OCSPKeyBinding which status already set to DISABLED (refer to step 2 above)

Its need around 5 minutes (or longer time) to take effective for the newly created OCSP responder. see there any way / command to make it take effective immediately. (Looks browser mode can make it take effective immediately, however, for company security reason, browser mode is disabled)

Remark:
Both OCSP responder issued by same CA, so the DN is same when i set default OCSP responder as below command:
./ejbca.sh ocsp setdefaultresponder --dn "xxx"

Thanks.

[primetomas]

There is caching there for performance and to not load the database too much.
There is a "clearcache" command that you can try.