Uploaded image for project: 'WildFly Elytron'
  1. WildFly Elytron
  2. ELY-2033

Certificate Revocation Lists

XMLWordPrintable

    • Icon: Feature Request Feature Request
    • Resolution: Done
    • Icon: Major Major
    • 1.16.0.CR1
    • None
    • None
    • None

      Add support for multiple Certificate Revocation Lists

      Currently it is possible to configure one CRL [1]. But if several CAs are used, there is no way to configure several CRL files. Schema allows 1 CRL [2].

      [1] https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.3/html-single/how_to_configure_server_security/index#configuring-certificate-revocation-using-crl-in-elytron_default

      [2]

      <xs:complexType name="trustManagerType">
      <xs:annotation>
      <xs:documentation>
      Definition of a single TrustManager.
      </xs:documentation>
      </xs:annotation>
      <xs:all>
      <xs:element name="certificate-revocation-list" type="certificateRevocationListType" minOccurs="0" maxOccurs="1"/>
      <xs:element name="ocsp" type="ocspType" minOccurs="0" maxOccurs="1"/>
      </xs:all>

              rh-ee-szaldana Sonia Zaldana Calles
              rh-ee-szaldana Sonia Zaldana Calles
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Created:
                Updated:
                Resolved: