On 19/03/18 13:52, Christopher Schultz wrote: > All, > > I'm guessing this is mostly directed towards Rainer: can someone look > at https://bz.apache.org/bugzilla/show_bug.cgi?id=53940? It's got a > proposed patch and IMO makes sense to implement. > > I'm not familiar enough with OpenSSL and the way that the SSL engine > works to know if this is a valid technique. > > Most people don't use CRLs so it won't affect their performance or > anything like that. But those who do rely on a CRL can't afford to > bounce their Tomcat instance or connector just to pick-up an updated CRL > .
Can't we just close that as WONTFIX on the grounds that you just trigger the reload of the TLS config in Tomcat? Mark --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
