Hi Lectrisimo, that’s good news. Is there any way you can share your test environment, so I can try to reproduce what you see?
Regards -- Dejan Bosanac about.me/dejanb On Thu, Jan 14, 2016 at 3:14 PM, Lectrismo <m.j...@yahoo.de> wrote: > Hi Dejan, > the last days I messed around with the config of OCSP. I've set the > following configuration into activemq.bat: > > set ACTIVEMQ_SSL_OPTS="-Dcom.sun.security.enableCRLDP=true > -Docsp.enable=true -Docsp.responderURL=http://my.ocspurl.example"; > echo %ACTIVEMQ_SSL_OPTS% > > When executing the bat-file I can see, that he tooked over my configuration > with ocsp (echo). > However I didn't found out what the activemq.bat is for? When do I have to > start activemq.bat? > Finally after playing around I can see OCSP requests going to my responder. > > Also I have revoked a certificate to test if the client with the revoked > certificate can connect to my broker. Suprisingly, he CAN. > It seems, that the broker connects the ocsp-responder URL, but do not block > the revoked Client-Certificate. > > I would appretiate if you could do some tests too. Otherwise the feature is > useless. > Sorry for the ammount of questions, but I'm new to broker and their config. > > much regards, > Lectrismo > > > > -- > View this message in context: > http://activemq.2283324.n4.nabble.com/Configure-OCSP-CRL-Checking-tp4705089p4705987.html > Sent from the ActiveMQ - User mailing list archive at Nabble.com. >
