I have some problems with integrating client certificate authentication on TomCat7.
TomCat ist running on a Windows 2008R2 Server in apr mode. The server belongs to a domain. I have a Microsoft CA installed on the domaincontroller, the webserver certificate, the user certificates and the certificate revocation list are distributed by this CA. Client authentication is working fine, but I couldn't figure out yet, how to integrate the revocation list.
I have written "SSLCARevocationFile="C:\Program Files\...\revocationlist.crl" in the connector, but it hasn't had any effect. After restarting TomCat, the connection to https://localhost/manager still asks me for the certificate and lets me through, instead of blocking me. So there ist no difference if I have written "SSLCARecovationFile" in the connector or not. Is it possible that I have to convert the .crl in an other fileformat?
So, any ideas how to get this working? Thanks in advance!