[prev in list] [next in list] [prev in thread] [next in thread]
List: wss4j-dev
Subject: [jira] [Closed] (WSS-338) should set com....security.enableCRLDP when enableRevocation is true
From: "Colm O hEigeartaigh (JIRA)" <jira () apache ! org>
Date: 2014-10-07 8:05:35
Message-ID: JIRA.12542495.1329209938000.206395.1412669135762 () Atlassian ! JIRA
[Download RAW message or body]
[ https://issues.apache.org/jira/browse/WSS-338?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel \
]
Colm O hEigeartaigh closed WSS-338.
-----------------------------------
> should set com....security.enableCRLDP when enableRevocation is true
> --------------------------------------------------------------------
>
> Key: WSS-338
> URL: https://issues.apache.org/jira/browse/WSS-338
> Project: WSS4J
> Issue Type: Improvement
> Affects Versions: 1.6.4
> Reporter: Freeman Fang
> Assignee: Colm O hEigeartaigh
> Attachments: WSS-338.patch
>
>
> When we use CRL to do revocation certificate check, generally the certificates can \
> carry CRLDistributionPoints extension(which is http or ldap url), but currently we \
> can't use this CRLDistributionPoints in certificates out of the box. It would be \
> better that we can use CRLDistributionPoints out of box. Simply set \
> com.sun|ibm.security.enableCRLDP property as true when enableRevocation ensure that \
> we get chance to use the CRLDistributionPoints in certificates and no necessary to \
> specify org.apache.ws.security.crypto.merlin.x509crl.file explicitly and whatnot \
> for Crypto instance. Set this property won't affect current logic, e.g., if there \
> is no CRLDistributionPoints in certificates then it still can use the crl file \
> specified by org.apache.ws.security.crypto.merlin.x509crl.file
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@ws.apache.org
For additional commands, e-mail: dev-help@ws.apache.org
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic