We are trying to setup HTTPS for JBOSS version 4.0.5. In this regards we discovered the following limitations in JBOSS 1. JBOSS does not support CRL Distribution point using a HTTP URL. We worked around this issue by manually copying the CRL to a local CRL cache file and pointing crlFile to this local cache. 2. In order for JBOSS to pick up the updated CRL , it requires a restart. 3. The last but annoying aspect is that JBOSS does not accept connections if next update for CRL expired and it has not been able to acquire the CRL update. We plan to publish the CRL's routinely so it is important to pick up the dates. We basically set the next update in the CRL to be a day and noticed that JBOSS does not accept connections anymore if next update time has passed. Not sure why this behavior exists Can anyone recommend workaroud/resolution/patches for these issues especially #3. Really appreciate all your help Thanks, Mohammed View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4166062#... Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&a...