[
https://issues.apache.org/jira/browse/JAMES-3833?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Benoit Tellier closed JAMES-3833.
---------------------------------
Resolution: Fixed
> SSL client auth: verify Certificates Revocation Lists
> -----------------------------------------------------
>
> Key: JAMES-3833
> URL: https://issues.apache.org/jira/browse/JAMES-3833
> Project: James Server
> Issue Type: New Feature
> Components: protocols
> Reporter: Benoit Tellier
> Priority: Major
> Fix For: 3.8.0
>
> Time Spent: 20m
> Remaining Estimate: 0h
>
> See
> https://www.thesslstore.com/blog/crl-explained-what-is-a-certificate-revocation-list/
> for context.
> Allow a user to enable OCSP checks for client certificates against CRLs:
> {code:java}
> <tls socketTLS="false" startTLS="true">
> <keystore>file://conf/keystore</keystore>
> <keystoreType>JKS</keystoreType>
> <secret>yoursecret</secret>
> <clientAuth>
> <truststore>file://conf/truststore</truststore>
> <truststoreType>JKS</truststoreType>
> <truststoreSecret>yoursecret</truststoreSecret>
> <enableOCSPCRLChecks>true</enableOCSPCRLChecks>
> </clientAuth>
> </tls>
> {code}
> This might be necessary IE for medical field users of the James server.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: server-dev-unsubscr...@james.apache.org
For additional commands, e-mail: server-dev-h...@james.apache.org
