https://bz.apache.org/bugzilla/show_bug.cgi?id=56148
--- Comment #16 from Mark Thomas ---
Plans haven't changed from comment #6. Patches still welcome. I'm expecting the
OpenSSL 3.0.x and 1.1.1 solutions to look broadly similar (but haven't looked
at the code).
--
You are receiving this mail
https://bz.apache.org/bugzilla/show_bug.cgi?id=56148
--- Comment #15 from logo ---
Mark,
would you mind updating your plans for this request.
It may be outdated as to Tomcat version, Openssl 1.1.1 vs. 3.1 and usage of
Tomcat native.
Nevertheless it would be great to have this working.
I
https://bz.apache.org/bugzilla/show_bug.cgi?id=56148
Mark Thomas changed:
What|Removed |Added
Version|unspecified |8.5.x-trunk
Product|Tomcat 7
https://bz.apache.org/bugzilla/show_bug.cgi?id=56148
--- Comment #13 from Mark Thomas ---
(In reply to Azat from comment #12)
> (In reply to Mark Thomas from comment #11)
> > It is on the TODO list but there are quite a few things ahead of it on the
> > list.
>
> Couple of questions to Mark
https://bz.apache.org/bugzilla/show_bug.cgi?id=56148
--- Comment #12 from Azat ---
(In reply to Mark Thomas from comment #11)
> It is on the TODO list but there are quite a few things ahead of it on the
> list.
Couple of questions to Mark related to this bug:
1) is this enhancement request
https://bz.apache.org/bugzilla/show_bug.cgi?id=56148
--- Comment #11 from Mark Thomas ---
It is on the TODO list but there are quite a few things ahead of it on the
list.
--
You are receiving this mail because:
You are the assignee for the bug.
https://bz.apache.org/bugzilla/show_bug.cgi?id=56148
--- Comment #10 from Azat ---
(In reply to Mark Thomas from comment #9)
> The current status is what you see here. It will be implemented when someone
> provides a suitable patch.
Ok.Thanks, Mark. I understand that patches from the Tomcat
https://bz.apache.org/bugzilla/show_bug.cgi?id=56148
--- Comment #9 from Mark Thomas ---
The current status is what you see here. It will be implemented when someone
provides a suitable patch.
--
You are receiving this mail because:
You are the assignee for the bug.
https://bz.apache.org/bugzilla/show_bug.cgi?id=56148
--- Comment #8 from Azat ---
(In reply to Mark Thomas from comment #6)
> This will need code changes in Tomcat Native. A rough outline of what is
> required is provided by:
>
https://bz.apache.org/bugzilla/show_bug.cgi?id=56148
Azat changed:
What|Removed |Added
CC||usma...@ieml.ru
--
You are receiving this
https://bz.apache.org/bugzilla/show_bug.cgi?id=56148
--- Comment #7 from Christopher Schultz ---
(In reply to Mark Thomas from comment #4)
> -Djdk.tls.server.enableStatusRequestExtension=true
Is this something that is possible via Tomcat configuration? Or is it only
possible via a system
https://bz.apache.org/bugzilla/show_bug.cgi?id=56148
--- Comment #6 from Mark Thomas ---
This will need code changes in Tomcat Native. A rough outline of what is
required is provided by:
https://www.openssl.org/docs/man1.1.0/man3/SSL_CTX_set_tlsext_status_arg.html
--
You are receiving this
https://bz.apache.org/bugzilla/show_bug.cgi?id=56148
--- Comment #5 from Mark Thomas ---
Just switching implementations (no config changes)
NIO-OpenSSL - no stapling
APR-OpenSSL - no stapling
Next step is to look at OpenSSL config and API to see a) if this can be enabled
and b) what the
https://bz.apache.org/bugzilla/show_bug.cgi?id=56148
--- Comment #4 from Mark Thomas ---
I can confirm this "just works" if you have a suitably configured certificate
(LetsEncrypt in my test), a Java version that supports it (JDK 11.0.3+7 in my
test), are using a JSSE based connector (NIO with
https://bz.apache.org/bugzilla/show_bug.cgi?id=56148
jfclere changed:
What|Removed |Added
CC||jfcl...@gmail.com
--
You are receiving
https://bz.apache.org/bugzilla/show_bug.cgi?id=56148
--- Comment #3 from Christopher Schultz ---
Looks like Java 9 has OCSP stapling[1]. See slide 47. Looks like you can just
set a system preference and magically you get OCSP stapling.
[1]
https://bz.apache.org/bugzilla/show_bug.cgi?id=56148
Ralf Hauser changed:
What|Removed |Added
CC||hau...@acm.org
---
https://issues.apache.org/bugzilla/show_bug.cgi?id=56148
Violeta Georgieva violet...@apache.org changed:
What|Removed |Added
Severity|normal
https://issues.apache.org/bugzilla/show_bug.cgi?id=56148
Mark Thomas ma...@apache.org changed:
What|Removed |Added
OS||All
--- Comment #1
19 matches
Mail list logo