[
https://issues.apache.org/jira/browse/AMQ-6118?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15158455#comment-15158455
]
Marko Jovanovic commented on AMQ-6118:
--------------------------------------
Hey Christopher,
thanks for your opinion. The post you linked in above, is from me.
Could you tell me how to raise this request into "needs_review" section? Or how
to create a feature request?
I spent some time on an alternative idea with the static crl list. I could
bring in an idea for
adding the crl list loadup to the runtime configuration. So it's possible for
the users to load it manually without broker restart.
That's an alternative way to get client certificates managed.
It would be very glad, when this feature would be reviewed in total.
> ActiveMQ SSL CRL Checking via OCSP
> ----------------------------------
>
> Key: AMQ-6118
> URL: https://issues.apache.org/jira/browse/AMQ-6118
> Project: ActiveMQ
> Issue Type: Bug
> Components: Broker
> Affects Versions: 5.12.1
> Environment: Windows Server 2012R2 with ActiveMQ Windows Distribution
> Reporter: Marko Jovanovic
> Attachments: jvm_args.png
>
>
> For some unknown reason, the CRL Check via OCSP isn't working in Windows
> ActiveMQ 5.12.1
> After reviewing the Linux distribution of Activemq there was a configuration
> line found in the file bin/env.
> The Config in Linux Distribution looked like:
> # Set additional JSE arguments
> #ACTIVEMQ_SSL_OPTS="-Dcom.sun.security.enableCRLDP=true -Docsp.enable=true
> -Docsp.responderURL=http://ocsp.example.net:80";
> Where to set it in Windows file distribution?
> Tried to set it in activemq file but no success. I couldn't see any request
> going to the responder URL which I configured.
> Think there is a general Problem with the code concerning OCSP functionality.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
