You are viewing a plain text version of this content. The canonical link for it is here.
Posted to server-dev@james.apache.org by "Benoit Tellier (Jira)" <se...@james.apache.org> on 2022/10/14 03:46:00 UTC
[jira] [Closed] (JAMES-3833) SSL client auth: verify Certificates Revocation Lists
[ https://issues.apache.org/jira/browse/JAMES-3833?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Benoit Tellier closed JAMES-3833.
---------------------------------
Resolution: Fixed
> SSL client auth: verify Certificates Revocation Lists
> -----------------------------------------------------
>
> Key: JAMES-3833
> URL: https://issues.apache.org/jira/browse/JAMES-3833
> Project: James Server
> Issue Type: New Feature
> Components: protocols
> Reporter: Benoit Tellier
> Priority: Major
> Fix For: 3.8.0
>
> Time Spent: 20m
> Remaining Estimate: 0h
>
> See https://www.thesslstore.com/blog/crl-explained-what-is-a-certificate-revocation-list/ for context.
> Allow a user to enable OCSP checks for client certificates against CRLs:
> {code:java}
> <tls socketTLS="false" startTLS="true">
> <keystore>file://conf/keystore</keystore>
> <keystoreType>JKS</keystoreType>
> <secret>yoursecret</secret>
> <clientAuth>
> <truststore>file://conf/truststore</truststore>
> <truststoreType>JKS</truststoreType>
> <truststoreSecret>yoursecret</truststoreSecret>
> <enableOCSPCRLChecks>true</enableOCSPCRLChecks>
> </clientAuth>
> </tls>
> {code}
> This might be necessary IE for medical field users of the James server.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: server-dev-unsubscribe@james.apache.org
For additional commands, e-mail: server-dev-help@james.apache.org