subject:"RE\: Apache Tomcat 7.0.59 \- Even if a ws certificate stored in the WSkeystore expires, any webclient request is still accepted by server and not refused"

Re: Apache Tomcat 7.0.59 - Even if a ws certificate stored in the WSkeystore expires, any webclient request is still accepted by server and not refused

2017-02-07 Thread Mark Thomas

On 07/02/17 19:33, George Stanchev wrote: Mark, Apologies for top posting. We have our own trust manager that is attached to the connector because we want client certificates to be passed in the application for validation and authentication rather than the connector. If we switch to the

RE: Apache Tomcat 7.0.59 - Even if a ws certificate stored in the WSkeystore expires, any webclient request is still accepted by server and not refused

2017-02-07 Thread George Stanchev

Mark, Apologies for top posting. We have our own trust manager that is attached to the connector because we want client certificates to be passed in the application for validation and authentication rather than the connector. If we switch to the OpenSSL/APR based certificate processing, would

Re: Apache Tomcat 7.0.59 - Even if a ws certificate stored in the WSkeystore expires, any webclient request is still accepted by server and not refused

2017-02-06 Thread Mark Thomas

On 06/02/17 13:49, Francesco Leone wrote: Dear Sirs, To communicate you a behaviour with Apache Tomcat 7.0.59 Apache Tomcat 7.0.59 is running with: - RHEL6.6 - java jdk 1.8.0.74 - OpenSSL 1.0.2g We have a client - server communication. The Client certificate is produced via keytool and we