I don't know. I am looking at the Tomcat 6.0 source, and I see
protected void configureClientAuth(SSLServerSocket socket){
if (wantClientAuth){
socket.setWantClientAuth(wantClientAuth);
} else {
socket.setNeedClientAuth(requireClientAuth);
}
}
Since this is using a java.net.ssl.SSLServerSocket, maybe this is set to
work...
Mark
-----Original Message-----
From: Filip Hanik - Dev Lists [mailto:[EMAIL PROTECTED]
Sent: Friday, December 08, 2006 3:48 PM
To: Tomcat Developers List
Subject: Re: Tomcat and OCSP
I would imagine that should be automatic, you just configure the responder
URL for your JVM
http://java.sun.com/j2se/1.5.0/docs/guide/security/pki-tiger.html#OCSP
Filip
Yoav Shapira wrote:
> Hi,
> Wouldn't you need OCSP revocation handling at the SSL connector
> processing point? That's the patch I was thinking of, but I'm not an
> expert in this area, so I might be off-base.
>
> Yoav
>
> On 12/8/06, Filip Hanik - Dev Lists <[EMAIL PROTECTED]> wrote:
>> is a patch even required? or is OSCP something you just turn on since
>> its built into the JDK Mark, do you have anymore details what this
>> would involve?
>> Filip
>>
>> Yoav Shapira wrote:
>> > Mark,
>> > If you submit a patch for OCSP support, I'll gladly review it, and
>> > I imagine several other people would be interested as well.
>> >
>> > Yoav
>> >
>> > On 12/8/06, Mark Claassen <[EMAIL PROTECTED]> wrote:
>> >> I asked this on the user list, but perhaps this is a question
>> better for
>> >> here. I have been using Tomcat for a while, but have not been
>> >> developing yet really (although I did submit a patch a while ago
>> >> to the CGIServlet).
>> >> However, this OCSP issue has potential to really hit the fan for
>> >> us and if there is something that needs to be done, I would like
>> >> to try.
>> >>
>> >> -----Original Message-----
>> >>
>> >> Now that I see Tomcat 6.0 is on it's way, I was wondering if OCSP
>> >> is going to be included? This is being required by more and more
>> >> people these days (like the US government).
>> >>
>> >> If there are no plans to include it yet, how can this issue be
>> >> escalated? I see that OCSP support is bundled into the new JDKs,
>> >> does this mean that it would not be too difficult for an
>> >> enterprising (and desperate) developer to tackle?
>> >>
>> >> Mark
>> >>
>> >> -----Original Message-----
>> >> From: Velpi [mailto:[EMAIL PROTECTED]
>> >> Sent: Monday, July 31, 2006 4:33 AM
>> >> To: Tomcat Users List
>> >> Subject: Re: Tomcat and OCSP
>> >>
>> >> > Does the new support for OCSP in Java 5.0 have any impact on how
>> >> > certificates are handled in Tomcat?
>> >> > http://java.sun.com/j2se/1.5.0/docs/guide/security/pki-tiger.htm
>> >> > l
>> >> >
>> >> > It looks like it might just work if it is set up right in the
>> >> > java property files. I checked the mailing list archives and
>> >> > found a
>> few
>> >> > old references to OCSP, but nothing definitive. Any guidance
>> would be
>> >> greatly appreciated.
>> >>
>> >> I'm trying to set this up too. Did you get it up and running
>> >> properly yet?
>> >> (any
>> >> hints?)
>> >>
>> >>
>> >> -- Velpi
>> >>
>> >> ------------------------------------------------------------------
>> >> --- To start a new topic, e-mail: users@tomcat.apache.org To
>> >> unsubscribe,
>> >> e-mail: [EMAIL PROTECTED]
>> >> For additional commands, e-mail: [EMAIL PROTECTED]
>> >>
>> >>
>> >> ------------------------------------------------------------------
>> >> --- To start a new topic, e-mail: users@tomcat.apache.org To
>> >> unsubscribe,
>> >> e-mail: [EMAIL PROTECTED]
>> >> For additional commands, e-mail: [EMAIL PROTECTED]
>> >>
>> >>
>> >> ------------------------------------------------------------------
>> >> --- To unsubscribe, e-mail: [EMAIL PROTECTED] For
>> >> additional commands, e-mail: [EMAIL PROTECTED]
>> >>
>> >>
>> >
>> > -------------------------------------------------------------------
>> > -- To unsubscribe, e-mail: [EMAIL PROTECTED] For
>> > additional commands, e-mail: [EMAIL PROTECTED]
>> >
>> >
>> >
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: [EMAIL PROTECTED] For
>> additional commands, e-mail: [EMAIL PROTECTED]
>>
>>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED] For
> additional commands, e-mail: [EMAIL PROTECTED]
>
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED] For additional
commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
