Yoav, The problem is that I can't find any info at all on how to configure it to use a CRL.
FYI, after an all-nighter, I was just able to get the client and server SSL part working with standalone Tomcat. Very cool :)! And, best of all, I was able to confirm that with this, I can access the client certificate info from my JSPs. I'm just "so close" to what I need now, if I can just figure out how to enable or incorporate the CRL checking, as from a security standpoint, they won't let me deploy a PKI-enabled system if it doesn't support CRLs. Jim "Shapira, Yoav" wrote: > > Hi, > I don't know about CRL support -- why not just try it out? > > Yoav Shapira > Millennium Research Informatics > > >-----Original Message----- > >From: ohaya [mailto:[EMAIL PROTECTED] > >Sent: Thursday, August 19, 2004 7:51 PM > >To: Tomcat Users List > >Subject: Re: New idea - Enable Tomcat for SSL? > > > > > > > >"Shapira, Yoav" wrote: > >> > >> Hi, > >> http://jakarta.apache.org/tomcat/tomcat-5.0-doc/ssl-howto.html > >> > >> And, of course, > >> http://jakarta.apache.org/tomcat/faq/connectors.html#integrate which > >> should have saved you considerable time and effort. > >> > > > > > >Yoav, > > > >I had posted a number of messages about problems I was having, but in > >any event, thanks for the links. > > > >One other question: If I configure Tomcat (5.0.27) as a standalone > >SSL-enabled (client and server) webserver+container, will the Tomcat > SSL > >handling support the use of certificate revocation lists (CRLs)? > > > >I've been trying to research this, and so far have had no luck finding > >anything on it, and, from the standpoint of security, support for CRLs > >is going to be a must-have if I go this direction. > > > >If you or anyone knows the answer to this question, please let me know. > > > >Thanks again, > >Jim > > > >--------------------------------------------------------------------- > >To unsubscribe, e-mail: [EMAIL PROTECTED] > >For additional commands, e-mail: [EMAIL PROTECTED] > > This e-mail, including any attachments, is a confidential business communication, > and may contain information that is confidential, proprietary and/or privileged. > This e-mail is intended only for the individual(s) to whom it is addressed, and may > not be saved, copied, printed, disclosed or used by anyone else. If you are not > the(an) intended recipient, please immediately delete this e-mail from your computer > system and notify the sender. Thank you. > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]