Hi Michael
I just tested this and everything works as expected, i.e.:
- JavaFX' WebView uses OCSP when the 3 related properties are set (using
WireShark to verify)
- https://revoked.grc.com fails when using OCSP, and succeeds when not
- https://www.coinbase.com succeeds either way
So
Thanks very much, really appreciate it.
On Mon, Jan 4, 2016 at 5:14 PM, Kevin Rushforth
wrote:
> We'll take a closer look at it then.
>
>
> -- Kevin
>
>
> Michael Ennen wrote:
>
> Kevin,
>
> After some further exploration I see that indeed certificate revocation
>
We'll take a closer look at it then.
-- Kevin
Michael Ennen wrote:
Kevin,
After some further exploration I see that indeed certificate revocation
does seem to be enabled through:
Security.setProperty("ocsp.enable", "true");
System.setProperty("com.sun.security.enableCRLDP", "true");
Kevin,
After some further exploration I see that indeed certificate revocation
does seem to be enabled through:
Security.setProperty("ocsp.enable", "true");
System.setProperty("com.sun.security.enableCRLDP", "true");
System.setProperty("com.sun.net.ssl.checkRevocation", "true");
However, this
Try the following:
System.setProperty("com.sun.net.ssl.checkRevocation", "true");
-- Kevin
Michael Ennen wrote:
Hello,
I will keep this short and brief. If one attempts to use the WebView
control to load the following page:
https://revoked.grc.com/
The page is loaded, SSL handshake
Hello,
I will keep this short and brief. If one attempts to use the WebView
control to load the following page:
https://revoked.grc.com/
The page is loaded, SSL handshake completes successfully, and it is
displayed and no exceptions are thrown
(e.g.