You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@tomcat.apache.org by bu...@apache.org on 2019/07/23 16:23:51 UTC

[Bug 63500] Core dump using APR tomcat native with certificateRevocationListFile

https://bz.apache.org/bugzilla/show_bug.cgi?id=63500

--- Comment #11 from Bruno <br...@gmail.com> ---
Using the fix with tomcat 9.0.22 and tomcat-native 1.2.23 and the server
doesn't core dump anymore when I add CRL to SSLHostConfig using configuration
certificateRevocationListFile in format
-----BEGIN X509 CRL-----

But have a new issue, I'm unable to use valid X509 client certs. I get the
message from curl

curl: (35) error:1401E418:SSL routines:CONNECT_CR_FINISHED:tlsv1 alert unknown
ca

If I remove the CRL config client certs work as expected.

Is there a way to understand what is the issue? Was unable to find a way to
enable SSL logging being OpenSSL.

-- 
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org