How do we prevent directory access in apache

2018-05-28 Thread Jins Raju Abraham 
Hi

How do we prevent a directory access in apache. Tried searching this and there 
are a lot of suggestion about doing it in the .htaccess file.


thanks
Jins
-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: How to configure Tomcat for OCSP stapling?

2018-05-28 Thread Coty Sutherland 
Hi,

On Mon, May 28, 2018 at 7:22 PM, Mark Boon  wrote:

> My company asked to enable OCSP stapling for our Tomcat server. I found
> the documentation about configuring a Tomcat OCSP Connector here:
>
> https://tomcat.apache.org/tomcat-8.5-doc/ssl-howto.html#
> Configuring_OCSP_Connector
>
>
>
> However, if I’m not mistaken those are instructions for how to set up an
> OCSP responder. But I think in my case, the OCSP responder is the CA that
> issued the certificate. What I need is to instruct Tomcat so that it makes
> the call to the OCSP responder that is specified in the CA signed
> certificate and ‘staples’ the resulting ticket to the certificate before
> presenting it to the client.
>

You're correct. The configuration document does mention the OCSP responder,
but you really don't need to do anything special in tomcat to enable OCSP.
If your connector has certificateVerification or clientAuth enabled, then
tomcat will do the needful with the client certificate (including verify it
with OCSP if the OCSP url is present).


>
>
> Does anyone know of a place with instructions how to do something like
> this? Or possibly I’m not quite understanding the process of OCSP stapling,
> in which case any pointers on what it means and how it works with Tomcat
> would be much appreciated.
>
>
>
>
>
> *Mark Boon*
> *Staff Engineer*
> mb...@vmware.com
> 3401 Hillview Avenue, Palo Alto, CA 94304
> 
> 650.123.4567 Office
> 808.234.4892 Mobile
>
> [image: e] 
>
>
>

How to configure Tomcat for OCSP stapling?

2018-05-28 Thread Mark Boon 
My company asked to enable OCSP stapling for our Tomcat server. I found the 
documentation about configuring a Tomcat OCSP Connector here:
https://tomcat.apache.org/tomcat-8.5-doc/ssl-howto.html#Configuring_OCSP_Connector

However, if I’m not mistaken those are instructions for how to set up an OCSP 
responder. But I think in my case, the OCSP responder is the CA that issued the 
certificate. What I need is to instruct Tomcat so that it makes the call to the 
OCSP responder that is specified in the CA signed certificate and ‘staples’ the 
resulting ticket to the certificate before presenting it to the client.

Does anyone know of a place with instructions how to do something like this? Or 
possibly I’m not quite understanding the process of OCSP stapling, in which 
case any pointers on what it means and how it works with Tomcat would be much 
appreciated.


Mark Boon
Staff Engineer
mb...@vmware.com
3401 Hillview Avenue, Palo Alto, CA 94304
650.123.4567 Office
808.234.4892 Mobile
[e]