activemq-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Dejan Bosanac <de...@nighttale.net>
Subject Re: Configure OCSP CRL Checking
Date Tue, 19 Jan 2016 08:21:15 GMT
Hi Lectrisimo,

that’s good news. Is there any way you can share your test environment, so
I can try to reproduce what you see?

Regards
--
Dejan Bosanac
about.me/dejanb

On Thu, Jan 14, 2016 at 3:14 PM, Lectrismo <m.j165@yahoo.de> wrote:

> Hi Dejan,
> the last days I messed around with the config of OCSP. I've set the
> following configuration into activemq.bat:
>
> set ACTIVEMQ_SSL_OPTS="-Dcom.sun.security.enableCRLDP=true
> -Docsp.enable=true -Docsp.responderURL=http://my.ocspurl.example"
> echo %ACTIVEMQ_SSL_OPTS%
>
> When executing the bat-file I can see, that he tooked over my configuration
> with ocsp (echo).
> However I didn't found out what the activemq.bat is for? When do I have to
> start activemq.bat?
> Finally after playing around I can see OCSP requests going to my responder.
>
> Also I have revoked a certificate to test if the client with the revoked
> certificate can connect to my broker. Suprisingly, he CAN.
> It seems, that the broker connects the ocsp-responder URL, but do not block
> the revoked Client-Certificate.
>
> I would appretiate if you could do some tests too. Otherwise the feature is
> useless.
> Sorry for the ammount of questions, but I'm new to broker and their config.
>
> much regards,
> Lectrismo
>
>
>
> --
> View this message in context:
> http://activemq.2283324.n4.nabble.com/Configure-OCSP-CRL-Checking-tp4705089p4705987.html
> Sent from the ActiveMQ - User mailing list archive at Nabble.com.
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message