tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From ohaya <oh...@cox.net>
Subject Re: New idea - Enable Tomcat for SSL?
Date Fri, 20 Aug 2004 13:55:03 GMT
Yoav,

The problem is that I can't find any info at all on how to configure it
to use a CRL.

FYI, after an all-nighter, I was just able to get the client and server
SSL part working with standalone Tomcat.  Very cool :)!  And, best of
all, I was able to confirm that with this, I can access the client
certificate info from my JSPs.

I'm just "so close" to what I need now, if I can just figure out how to
enable or incorporate the CRL checking, as from a security standpoint,
they won't let me deploy a PKI-enabled system if it doesn't support
CRLs.

Jim



"Shapira, Yoav" wrote:
> 
> Hi,
> I don't know about CRL support -- why not just try it out?
> 
> Yoav Shapira
> Millennium Research Informatics
> 
> >-----Original Message-----
> >From: ohaya [mailto:ohaya@cox.net]
> >Sent: Thursday, August 19, 2004 7:51 PM
> >To: Tomcat Users List
> >Subject: Re: New idea - Enable Tomcat for SSL?
> >
> >
> >
> >"Shapira, Yoav" wrote:
> >>
> >> Hi,
> >> http://jakarta.apache.org/tomcat/tomcat-5.0-doc/ssl-howto.html
> >>
> >> And, of course,
> >> http://jakarta.apache.org/tomcat/faq/connectors.html#integrate which
> >> should have saved you considerable time and effort.
> >>
> >
> >
> >Yoav,
> >
> >I had posted a number of messages about problems I was having, but in
> >any event, thanks for the links.
> >
> >One other question:  If I configure Tomcat (5.0.27) as a standalone
> >SSL-enabled (client and server) webserver+container, will the Tomcat
> SSL
> >handling support the use of certificate revocation lists (CRLs)?
> >
> >I've been trying to research this, and so far have had no luck finding
> >anything on it, and, from the standpoint of security, support for CRLs
> >is going to be a must-have if I go this direction.
> >
> >If you or anyone knows the answer to this question, please let me know.
> >
> >Thanks again,
> >Jim
> >
> >---------------------------------------------------------------------
> >To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> >For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
> 
> This e-mail, including any attachments, is a confidential business communication, and
may contain information that is confidential, proprietary and/or privileged.  This e-mail
is intended only for the individual(s) to whom it is addressed, and may not be saved, copied,
printed, disclosed or used by anyone else.  If you are not the(an) intended recipient, please
immediately delete this e-mail from your computer system and notify the sender.  Thank you.
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tomcat-user-help@jakarta.apache.org

---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org


Mime
View raw message