Hi Mark Thomas,
Thanks for the pointer. However, that comment you posted there is 4 years old.
Any news on the matter since then at all? Has OCSP Stapling support for NIO
connectors since made it into Java 9?
Mark Boon
On 5/30/18, 12:46 AM, "Mark Thomas" <[email protected]> wrote:
On 29/05/18 00:22, Mark Boon wrote:
> My company asked to enable OCSP stapling for our Tomcat server. I found
> the documentation about configuring a Tomcat OCSP Connector here:
>
>
https://urldefense.proofpoint.com/v2/url?u=https-3A__tomcat.apache.org_tomcat-2D8.5-2Ddoc_ssl-2Dhowto.html-23Configuring-5FOCSP-5FConnector&d=DwIDaQ&c=uilaK90D4TOVoH58JNXRgQ&r=_kwXikaSZUUarF811P_o9Q&m=c9Hngb286HQ3waldNl7R5ScNf7kDJHlpVrzQqNdzrqA&s=Su_lL2hasSRZW0qqEbINeT1Cg6YL5lUjcf18mJXo0kA&e=
>
>
>
> However, if I’m not mistaken those are instructions for how to set up an
> OCSP responder. But I think in my case, the OCSP responder is the CA
> that issued the certificate. What I need is to instruct Tomcat so that
> it makes the call to the OCSP responder that is specified in the CA
> signed certificate and ‘staples’ the resulting ticket to the certificate
> before presenting it to the client.
>
>
>
> Does anyone know of a place with instructions how to do something like
> this? Or possibly I’m not quite understanding the process of OCSP
> stapling, in which case any pointers on what it means and how it works
> with Tomcat would be much appreciated.
https://urldefense.proofpoint.com/v2/url?u=https-3A__bz.apache.org_bugzilla_show-5Fbug.cgi-3Fid-3D56148&d=DwIDaQ&c=uilaK90D4TOVoH58JNXRgQ&r=_kwXikaSZUUarF811P_o9Q&m=c9Hngb286HQ3waldNl7R5ScNf7kDJHlpVrzQqNdzrqA&s=O87uG9CLTZkFihZww0qxd5jkZV6AaWhZ_KE5Kk2JKhU&e=
Mark
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
