I can confirm that the patch works. We were able to get Tomcat up and
running with the crlFile and the SunX509 algorithm configuration and were
able to test that the CRL functionality was working as expected in a patched
7.0.16 version.
Thanks,
Martin
On Thu, Jun 23, 2011 at 11:42 AM, Mark Thoma
On 23/06/2011 16:30, Martin Dubuc wrote:
> Can you confirm that the patches to apply to solve this issue are the
> following ones: r1138550 and r1138555?
r1138550 is purely cosmetic. r1138555 is the patch that should fix this.
Mark
>
> Martin
>
> On Wed, Jun 22, 2011 at 5:16 PM, Mark Thomas w
Can you confirm that the patches to apply to solve this issue are the
following ones: r1138550 and r1138555?
Martin
On Wed, Jun 22, 2011 at 5:16 PM, Mark Thomas wrote:
> On 22/06/2011 20:03, Martin Dubuc wrote:
> > Mark,
> >
> > Thanks for looking into this and working to get the patch in for f
On 22/06/2011 20:03, Martin Dubuc wrote:
> Mark,
>
> Thanks for looking into this and working to get the patch in for future
> versions. It will allow us to use later versions of Tomcat and not be stuck
> on 7.0.10.
>
> If you would like me to test the patch, I can rebuild from patched source
> a
Mark,
Thanks for looking into this and working to get the patch in for future
versions. It will allow us to use later versions of Tomcat and not be stuck
on 7.0.10.
If you would like me to test the patch, I can rebuild from patched source
and test locally.
Martin
On Wed, Jun 22, 2011 at 12:46 P
Tomcat 6.0.x looks to be OK. There is a copy/paste problem in 7.0.x that
I'll fixed shortly.
If you are willing to build Tomcat 7.0.x from source (not hard) then it
will be easy for you to test the patch.
Mark
-
To unsubscribe
I have done some more analysis of the problem and the exception started to
be thrown in version 7.0.11. Something changed between 7.0.10 and 7.0.11
that affected handling of CRL for SunX509 algorithm. In version 7.0.10,
although the code in JSSESocketFactory.java to throw the exception is the
same
Here is the full stack trace:
SEVERE: Failed to initialize end point associated with ProtocolHandler
["http-bio-8443"]
java.io.IOException: CRLs not supported for type: SunX509
at
org.apache.tomcat.util.net.jsse.JSSESocketFactory.init(JSSESocketFactory.java:476)
at
org.apache.tomca
2011/6/16 Martin Dubuc :
> Up to Tomcat 7.0.10, I used the crlFile configuration along with the SunX509
> algorithm in SSL HTTP connector configuration in server.xml. However, when I
> start Tomcat 7.0.16, I get the following error:
>
> Jun 16, 2011 12:22:22 PM org.apache.coyote.AbstractProtocol in
I would be surprised it would be JRE related since the crlFile configuration
works with Tomcat 7.0.10 and the same JDK. Must be something that changed in
the Tomcat code.
Martin
On Thu, Jun 16, 2011 at 8:59 AM, Caldarale, Charles R <
chuck.caldar...@unisys.com> wrote:
> > From: Martin Dubuc [mai
I have tried to change the algorithm to Oracle509 to no avail. This value is
not recognized.
Martin
On Thu, Jun 16, 2011 at 8:59 AM, Caldarale, Charles R <
chuck.caldar...@unisys.com> wrote:
> > From: Martin Dubuc [mailto:martind1...@gmail.com]
> > Subject: crlFile and SunX509 algorithm in Tomca
> From: Martin Dubuc [mailto:martind1...@gmail.com]
> Subject: crlFile and SunX509 algorithm in Tomcat 7.0.16
> Up to Tomcat 7.0.10, I used the crlFile configuration along
> with the SunX509 algorithm in SSL HTTP connector configuration
> java.io.IOException: CRLs not supported for type: SunX50
12 matches
Mail list logo
