Is there anyone with experience of usage of OSCP feature J2SE with Tomcat, Jboss, etc?
Documentation states it should work right away by just setting a property "ocsp.enable" to "true" if certificate has all what is required.
As application servers use standard classes in background, it should all just work.
Does it? I just want to get info sooner as I currently do not have proper certificates to test with.
Hi, I am trying to implement an OCSP solution on Tomcat and I saw your posting. Is there a way that you could post some of your code (java classes) and xml you used to test for cert validity with OCSP?
I have not personally tested the J2SE's OCSP Responder code, but I have no doubt that it should work if the configuration is correct.
Setting just "ocsp.enable" to "true" and expecting it to work implies that you have a full-blown OCSP Responder environment and that your certificates have the appropriate extensions (AIA) in them that provide all the information necessary for the OCSP code in J2SE to work. If the digital certificate does not have the extension, or if any of the values are incorrect or missing, then it is obviously not going to work until you explicitly specify all the other OCSP parameters specified.
subject: OCSP with web/application servers - Experieice? Does it work as expected?