You are viewing a plain text version of this content. The canonical link for it is here.

Posted to server-dev@james.apache.org by "Benoit Tellier (Jira)" <se...@james.apache.org> on 2022/10/14 03:46:00 UTC

[jira] [Closed] (JAMES-3833) SSL client auth: verify Certificates Revocation Lists

     [ https://issues.apache.org/jira/browse/JAMES-3833?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Benoit Tellier closed JAMES-3833.
---------------------------------
    Resolution: Fixed

> SSL client auth: verify Certificates Revocation Lists
> -----------------------------------------------------
>
>                 Key: JAMES-3833
>                 URL: https://issues.apache.org/jira/browse/JAMES-3833
>             Project: James Server
>          Issue Type: New Feature
>          Components: protocols
>            Reporter: Benoit Tellier
>            Priority: Major
>             Fix For: 3.8.0
>
>          Time Spent: 20m
>  Remaining Estimate: 0h
>
> See https://www.thesslstore.com/blog/crl-explained-what-is-a-certificate-revocation-list/ for context.
> Allow a user to enable OCSP checks for client certificates against CRLs:
> {code:java}
> <tls socketTLS="false" startTLS="true">
>   <keystore>file://conf/keystore</keystore>
>   <keystoreType>JKS</keystoreType>
>   <secret>yoursecret</secret>
>   <clientAuth>
>     <truststore>file://conf/truststore</truststore>
>     <truststoreType>JKS</truststoreType>
>     <truststoreSecret>yoursecret</truststoreSecret>
>     <enableOCSPCRLChecks>true</enableOCSPCRLChecks>
>   </clientAuth>
> </tls>
> {code}
> This might be necessary IE for medical field users of the James server.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

---------------------------------------------------------------------
To unsubscribe, e-mail: server-dev-unsubscribe@james.apache.org
For additional commands, e-mail: server-dev-help@james.apache.org