Benoit Tellier created JAMES-3833: ------------------------------------- Summary: SSL client auth: verify Certificates Revocation Lists Key: JAMES-3833 URL: https://issues.apache.org/jira/browse/JAMES-3833 Project: James Server Issue Type: New Feature Components: protocols Reporter: Benoit Tellier Fix For: 3.8.0
See https://www.thesslstore.com/blog/crl-explained-what-is-a-certificate-revocation-list/ for context. Allow a user to enable OCSP checks for client certificates against CRLs: {code:java} <tls socketTLS="false" startTLS="true"> <keystore>file://conf/keystore</keystore> <keystoreType>JKS</keystoreType> <secret>yoursecret</secret> <clientAuth> <truststore>file://conf/truststore</truststore> <truststoreType>JKS</truststoreType> <truststoreSecret>yoursecret</truststoreSecret> <enableOCSPCRLChecks>true</enableOCSPCRLChecks> </clientAuth> </tls> {code} This might be necessary IE for medical field users of the James server. -- This message was sent by Atlassian Jira (v8.20.10#820010) --------------------------------------------------------------------- To unsubscribe, e-mail: server-dev-unsubscr...@james.apache.org For additional commands, e-mail: server-dev-h...@james.apache.org