[Bug 67061] SSLVerifyClient="optionalNoCA" still not doing what it should

https://bz.apache.org/bugzilla/show_bug.cgi?id=67061 Mark Thomas changed: What|Removed |Added Status|NEW |RESOLVED Resolution|---

[Bug 67061] SSLVerifyClient="optionalNoCA" still not doing what it should

https://bz.apache.org/bugzilla/show_bug.cgi?id=67061 Michael Osipov changed: What|Removed |Added CC||micha...@apache.org -- You are recei

[Bug 67061] SSLVerifyClient="optionalNoCA" still not doing what it should

https://bz.apache.org/bugzilla/show_bug.cgi?id=67061 --- Comment #2 from Mark Thomas --- You need to disable OCSP else optionalNoCA will always fail. Nest the following in your SSLHostConfig element in server.xml Tomcat Native should probably (just confirming that with a discussion on th

[Bug 67061] SSLVerifyClient="optionalNoCA" still not doing what it should

https://bz.apache.org/bugzilla/show_bug.cgi?id=67061 --- Comment #1 from ruedige...@yahoo.de --- On top, the problem also exists in my local installation (Ubuntu 20.04, Java 17): tomcat 9.0.55 tc-native 1.2.31 openssl 1.1.1f Here is the relevant longer excerpt from server.xml (the rest is un