Hi Dejan, the last days I messed around with the config of OCSP. I've set the following configuration into activemq.bat:
set ACTIVEMQ_SSL_OPTS="-Dcom.sun.security.enableCRLDP=true -Docsp.enable=true -Docsp.responderURL=http://my.ocspurl.example"; echo %ACTIVEMQ_SSL_OPTS% When executing the bat-file I can see, that he tooked over my configuration with ocsp (echo). However I didn't found out what the activemq.bat is for? When do I have to start activemq.bat? Finally after playing around I can see OCSP requests going to my responder. Also I have revoked a certificate to test if the client with the revoked certificate can connect to my broker. Suprisingly, he CAN. It seems, that the broker connects the ocsp-responder URL, but do not block the revoked Client-Certificate. I would appretiate if you could do some tests too. Otherwise the feature is useless. Sorry for the ammount of questions, but I'm new to broker and their config. much regards, Lectrismo -- View this message in context: http://activemq.2283324.n4.nabble.com/Configure-OCSP-CRL-Checking-tp4705089p4705987.html Sent from the ActiveMQ - User mailing list archive at Nabble.com.
