OCSP transaction logging is enabled by setting ocsp.trx-log = true in ocsp.properties.
It should be possible to set this dynamically by configuring it in /etc/ejbca/conf/ocsp.properties with allow.external-dynamic.configuration=true.
This seems to be picked up by EJBCA as the output of "ejbca.sh config dump" includes ocsp.trx-log = true. However, no output to the (in wildfly) configured transaction.log file is produced.
If the configured ocsp.properties file instead is compiled into ejbca.ear (by placing it in ejbca-custom/conf) the output from "ejbca.sh config dump" is the same but logging to transaction.log is produced correctly.
This bug makes it impossible to configure OCSP transaction logging (and possibly OCSP audit logging, not tested) on HW appliance as the ear file cannot be recompiled.