tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Christopher Schultz <ch...@christopherschultz.net>
Subject Re: OCSP with openSSL
Date Wed, 22 May 2019 16:45:21 GMT
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Усманов,

On 5/22/19 07:28, Усманов Азат Анварович wrote:
> Mark,  I installed it  just   by  downloading  tcnative src  tar.gz
> file from tomcat  website and issued  ./configure
> --with-apr=/usr/local/apr --with-java-home=/usr/java/jdk1.7.0_79
> -with-ssl=/usr/local/openssl && make && make install && make
clean 
> I'm not sure  how to specify any ocsp related configure options
> when building tomcat native    from source

What is your OpenSSL version and capabilities?

$ openssl version

$ openssl -help

$ openssl ocsp -help

- -chris

> ________________________________ От: Mark Thomas
> <markt@apache.org> Отправлено: 22 мая 2019 г. 13:41 Кому:
> users@tomcat.apache.org Тема: Re: OCSP with openSSL
> 
> On 22/05/2019 11:28, Усманов Азат Анварович wrote:
>> Hi everyone! I have a web app running on tomcat and java 7 using
>> apr for TLS related issues. I m still unable to have OCSP
>> verification working with tomcat.
> 
> <snip/>
> 
>> I have tried running tcpdump on the server but don't' see any
>> Comodo related IP addresses in the output when I access the
>> server in question in the browser. At this point I don't know
>> what else to do, If it was java I would just put some
>> System.out.println statements in OCSP SSL related source code and
>> recompile the tomcat source, but since in my case tomcat uses
>> OpenSSL and tomcat native I'm not sure how/where to do that. the
>> only places I found in the TC-native source that mentions OCSP
>> is sslutils.c  source file. I'm not sure when/ if it is actually
>> gets called in my case. Maybe be someone with more c experience
>> c++ would help me with that.  I really want to get to the bottom
>> of this. Any help is appreciated my tomcat version  is 8.5.39 APR
>> based Apache Tomcat Native library [1.2.21] using APR version
>> [1.6.5]. Openssl version is [OpenSSL 1.1.1a  20 Nov 2018 OS:
>> Linux RHEL 6.6
> 
> How did you build the Tomcat Native library? Was OCSP enabled?
> 
> Mark
> 
> ---------------------------------------------------------------------
>
> 
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
> 
> 
-----BEGIN PGP SIGNATURE-----
Comment: Using GnuPG with Thunderbird - https://www.enigmail.net/

iQIzBAEBCAAdFiEEMmKgYcQvxMe7tcJcHPApP6U8pFgFAlzlfKEACgkQHPApP6U8
pFjWvBAAhHnL9esNEDViUB6nBIzQtcgsn0FxKWVTlrM+mv1JMlZWeD1zpKAPGuOr
ip3Dl/HlHANR8poi8l3NpIUUNq74UqXRHu0ETdjl2vyCl96pYHrmXWLwYuyDeFN4
cN4bm6dm1MkpNyxIv4ig9gJ1/GfAhZW22wcJTKaxu/QyKPVJwejGf3Xbtb4lEjoS
FxEbcE+IJENXME/5+KYyVJdpuRlrbY4P4DXPeZjVcw0yOCB33jNxY9SJtImuXTtl
wiWDPW/8/NM5FUIdbZGUCXx76k2g71iYPZdAcZ94R86pOoFjbAmu6LxSddDeQDZ7
cswpq1wNeTql7aLYCVBG0/I6FgmRBEQvSeS9StuWhjwogdSzK2CmyJuct+y1UBLm
uY4SH5+DvbM57HZdQZ2WHHyjp+VEMI2qQypmVsZf7MqoCYypegOFNwtXqjgRzvmd
PReFjxz6orHlczJ4psjbpKA+BrSNWyeFJu8wBxjfhFuIzsAQyWL3nDwoxSJFQeuq
d1TIDuq5yHRnUWqqf6Tn33qOZvbjKwaeA4XPLCcfZOGWtgIaEYPLfiPSHZujmo7q
jM8EBQGraOChT+P35aNtzxiDac09Ow1wT3hnpDnMdOgWdwwWGR7lLvLUHp/JC+Vn
eUt1mv+bzq0JOpfPpRpCDa5/5LoMh1YJnRw/3JnqhyQ5lpUrB40=
=Bl8+
-----END PGP SIGNATURE-----

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message