https://issues.apache.org/bugzilla/show_bug.cgi?id=55770

--- Comment #1 from Christopher Schultz <ch...@christopherschultz.net> ---
For the JSSE connector, it appears that changing the TrustManager itself is
non-trivial: it would require that the SSLServerSocketFactory be re-built from
scratch, the connector would have to detach from the port and re-bind to it.
That's obviously not a good solution.

However, the TrustManager itself could be rigged to re-load the CRL at an
interval. I'd have to look to see how the stock TrustManagers work... if they
do any kind of trust-caching, things might not go well.

Assuming there's no problem with a TrustManager that changes behavior over
time, this should be doable... for JSSE anyway.

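One way the reloading TrustManager described in the comment could look, as an added example that is not Tomcat's code or the commenter's. The class name `ReloadingCrlTrustManager` and the parameters `crlFile` and `periodSeconds` are hypothetical; only standard JSSE and CertPath calls are used.

```java
import java.io.InputStream;
import java.nio.file.*;
import java.security.KeyStore;
import java.security.cert.*;
import java.util.Collection;
import java.util.concurrent.*;
import javax.net.ssl.*;

// Hypothetical class: delegates to a PKIX trust manager rebuilt from the CRL file on a timer.
public final class ReloadingCrlTrustManager implements X509TrustManager {
    private final KeyStore trustStore;           // CA certificates, loaded by the caller
    private final Path crlFile;                  // CRL file, PEM or DER (assumed location)
    private volatile X509TrustManager delegate;  // swapped atomically on each reload
    public ReloadingCrlTrustManager(KeyStore trustStore, Path crlFile, long periodSeconds)
            throws Exception {
        this.trustStore = trustStore;
        this.crlFile = crlFile;
        this.delegate = build();                 // fail at startup if the first CRL is unusable
        ScheduledExecutorService timer = Executors.newSingleThreadScheduledExecutor(
            r -> { Thread t = new Thread(r, "crl-reload"); t.setDaemon(true); return t; });
        timer.scheduleWithFixedDelay(this::reload, periodSeconds, periodSeconds, TimeUnit.SECONDS);
    }

    private void reload() {
        try {
            delegate = build();
        } catch (Exception e) {                  // keep the last good CRL; never fall back to "no CRL"
            System.err.println("CRL reload failed, keeping previous CRL: " + e);
        }
    }

    private X509TrustManager build() throws Exception {
        Collection<? extends CRL> crls;
        try (InputStream in = Files.newInputStream(crlFile)) {
            crls = CertificateFactory.getInstance("X.509").generateCRLs(in);
        }
        PKIXBuilderParameters params = new PKIXBuilderParameters(trustStore, new X509CertSelector());
        params.setRevocationEnabled(true);
        params.addCertStore(CertStore.getInstance("Collection", new CollectionCertStoreParameters(crls)));
        TrustManagerFactory tmf = TrustManagerFactory.getInstance("PKIX");
        tmf.init(new CertPathTrustManagerParameters(params));
        for (TrustManager tm : tmf.getTrustManagers()) {
            if (tm instanceof X509TrustManager) return (X509TrustManager) tm;
        }
        throw new IllegalStateException("PKIX factory returned no X509TrustManager");
    }
    @Override public void checkClientTrusted(X509Certificate[] c, String a) throws CertificateException { delegate.checkClientTrusted(c, a); }
    @Override public void checkServerTrusted(X509Certificate[] c, String a) throws CertificateException { delegate.checkServerTrusted(c, a); }
    @Override public X509Certificate[] getAcceptedIssuers() { return delegate.getAcceptedIssuers(); }
}
```

Because the `SSLContext` holds only the wrapper, swapping the delegate needs no socket factory rebuild or port re-bind. A resumed TLS session does not call the trust manager again, so a newly revoked certificate is rejected only at its next full handshake.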