https://bz.apache.org/bugzilla/show_bug.cgi?id=66684
Bug ID: 66684
Summary: SSL HandShake failed when crlFile linked to an empty
file
Product: Tomcat 9
Version: 9.0.65
Hardware: PC
Status: NEW
Severity: normal
Priority: P2
Component: Catalina
Assignee: dev@tomcat.apache.org
Reporter: digital...@huawei.com
Target Milestone: -----
Recently, we tested the use of the crLFile configuration (in server.xml) in the
scenario where two-way certificate authentication is enabled. When the file
pointed to by the crlFile configuration item is an empty file (the file exists
but the file content is blank), Tomcat cannot provide services and SSL
HandShake reports an error(certificate_unknown). When crlFile is not configured
or the content in crlFile is correct, no error is reported.
I'm thinking that don't need to set the revocationEnabled parameter to true (In
org.apache.tomcat.util.net.SSLUtilBase#getParameters 498L) when the file
content is blank.
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
