You are viewing a plain text version of this content. The canonical link for it is here.
Posted to server-dev@james.apache.org by "Benoit Tellier (Jira)" <se...@james.apache.org> on 2022/10/11 01:39:00 UTC
[jira] [Created] (JAMES-3833) SSL client auth: verify Certificates Revocation Lists
Benoit Tellier created JAMES-3833:
-------------------------------------
Summary: SSL client auth: verify Certificates Revocation Lists
Key: JAMES-3833
URL: https://issues.apache.org/jira/browse/JAMES-3833
Project: James Server
Issue Type: New Feature
Components: protocols
Reporter: Benoit Tellier
Fix For: 3.8.0
See https://www.thesslstore.com/blog/crl-explained-what-is-a-certificate-revocation-list/ for context.
Allow a user to enable OCSP checks for client certificates against CRLs:
{code:java}
<tls socketTLS="false" startTLS="true">
<keystore>file://conf/keystore</keystore>
<keystoreType>JKS</keystoreType>
<secret>yoursecret</secret>
<clientAuth>
<truststore>file://conf/truststore</truststore>
<truststoreType>JKS</truststoreType>
<truststoreSecret>yoursecret</truststoreSecret>
<enableOCSPCRLChecks>true</enableOCSPCRLChecks>
</clientAuth>
</tls>
{code}
This might be necessary IE for medical field users of the James server.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: server-dev-unsubscribe@james.apache.org
For additional commands, e-mail: server-dev-help@james.apache.org