tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Duan, Nick" <ND...@mcdonaldbradley.com>
Subject RE: Certificate Revocation Lists in Tomcat 5.5
Date Tue, 29 Nov 2005 16:45:05 GMT
Tomcat currently doesn't support cert validation against CRL.  You may
want to use Apache's mod_ssl to do the CRL checking.  You will have to
use mod_jk to connect Apache web server with tomcat.

SSL is very computational intensive.  Use Apache's httpd to do the SSL
work is more efficient than to use Java-based tomcat.

ND

-----Original Message-----
From: Kennedy Roberts [mailto:kroberts@syrres.com] 
Sent: Tuesday, November 29, 2005 10:55 AM
To: users@tomcat.apache.org
Subject: Certificate Revocation Lists in Tomcat 5.5

Hi all,

    We've recently migrated our (SSL enabled) web application from
SunOne to 
Tomcat 5.5, and I can't find any information on handling Certificate 
Revocation Lists in Tomcat.  In SunOne, there was a function in the 
administration console that let you import a CRL.  Is there any
equivalent 
in Tomcat, or perhaps some other command line equivalent?

Thanks for your help.

-Kennedy 


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message