From: Jack
To: users@tomcat.apache.org
Date: Fri, 5 May 2006 16:31:38 +0200
Subject: Tomcat and CRL(s) Certification Revocation Lists

Hi,

I have already gotten Tomcat to work with a (single) CRL, and as it was a bit of a struggle, I have placed some info for those trying to do this at [1]. The document is far from perfect, and any comments are welcome.

Now to the questions:

1. Is it possible to swap out the CRL (i.e. overwrite it with a newer one) and have the changes picked up without a restart?
1.a. If a restart is needed, is it enough to restart Tomcat, or must jboss be restarted?
2. Is it possible to use multiple CRLs (by pointing at a directory, for example)?
2.a. If so, would changes to this directory be dynamically read?
2.b. If not, where is a good place (for me) to start looking at how to implement this?

I would like to somehow have dynamic CRL loading (so something that can do this without restarting either jboss or tomcat). I am not picky as to it being a single CRL or a directory of same.

--
Cheers
Jack...

The claim "natural" is not synonymous with safe.

[1] http://jack.godau.googlepages.com/jbosscertificatesandopenssl