[jboss-jira] [JBoss JIRA] (WFWIP-161) OCSP configuration does not work
Jan Stourac (Jira)
issues at jboss.org
Thu May 9 13:09:00 EDT 2019
Jan Stourac created WFWIP-161:
---------------------------------
Summary: OCSP configuration does not work
Key: WFWIP-161
URL: https://issues.jboss.org/browse/WFWIP-161
Project: WildFly WIP
Issue Type: Bug
Components: Security
Environment: WildFly built with following branches in use:
{code}
https://github.com/nekdozjam/wildfly-elytron/tree/ELY-1617
https://github.com/nekdozjam/wildfly-core/tree/WFCORE-3947
{code}
Reporter: Jan Stourac
Assignee: Martin Mazanek
I tried to configure OCSP support in WildFly trust-manager, although it looks like I am not able to configure it properly. After all my steps (see in 'steps to reproduce' section), my WildFly server accepts clients both with valid and revoked certificates. Although expected behavior is to accept only the one with the valid certificate.
Looking in the OCSP responder log (OpenSSL used for this), it looks like there is even no request to it. Checked also Wireshark with same result - no request to OCSP responder on my machine.
As such, there is probably some problem in implementation or my actual configuration is buggy. Could you please check and give some advice?
--
This message was sent by Atlassian Jira
(v7.12.1#712002)
More information about the jboss-jira
mailing list