https://bz.apache.org/bugzilla/show_bug.cgi?id=66684
DigitalCat <digital...@huawei.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|RESOLVED |REOPENED
Resolution|INVALID |---
--- Comment #10 from DigitalCat <digital...@huawei.com> ---
Recently, I found another problem. I used the self-made crl file, configured
crlFile in server.xml, and then used the curl command to access and carry the
corresponding cert file. Tomcat did not find that the certificate was revoked.
Instead, I use the custom sslImplementation and configure sslImplementationName
in server.xml. We use sun.security.x509.X509CRLImpl#isRevoked to check the
certificate, and this interface returns that the certificate is indeed revoked.
We want to know whether Tomcat's verification of certificate revocation is
complete.
I will add the crl method in the following replies, and the certificate file
content I generated. Because I cannot upload the file directly, I will paste
the file content, fortunately these files are text files.
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
