|
|
962a55 |
From c7e9138d59833ca0b9437fd130d3d9cb2fdf393d Mon Sep 17 00:00:00 2001
|
|
|
962a55 |
From: John Magne <jmagne@mharmsen-rhel7.usersys.redhat.com>
|
|
|
962a55 |
Date: Thu, 20 Sep 2018 21:35:20 -0400
|
|
|
962a55 |
Subject: [PATCH] Fix for Bug 1630469 - CC: tomcatjss: unable to enable OCSP
|
|
|
962a55 |
checking from peer AIA extension.
|
|
|
962a55 |
|
|
|
962a55 |
Now the server.xml can be configured to enable ocsp AND leave other settings null, to trigger
|
|
|
962a55 |
NSS to use the AIA extension to locate the ocsp responder.
|
|
|
962a55 |
|
|
|
962a55 |
ex:
|
|
|
962a55 |
|
|
|
962a55 |
|
|
|
962a55 |
.....
|
|
|
962a55 |
enableOCSP="true" ocspCacheSize="1000" ocspMinCacheEntryDuration="60" ocspMaxCacheEntryDuration="120" ocspTimeout="10"
|
|
|
962a55 |
---
|
|
|
962a55 |
src/org/apache/tomcat/util/net/jss/JSSSocketFactory.java | 7 +++++--
|
|
|
962a55 |
1 file changed, 5 insertions(+), 2 deletions(-)
|
|
|
962a55 |
|
|
|
962a55 |
diff --git a/src/org/apache/tomcat/util/net/jss/JSSSocketFactory.java b/src/org/apache/tomcat/util/net/jss/JSSSocketFactory.java
|
|
|
962a55 |
index b38b091..b91c7a4 100644
|
|
|
962a55 |
--- a/src/org/apache/tomcat/util/net/jss/JSSSocketFactory.java
|
|
|
962a55 |
+++ b/src/org/apache/tomcat/util/net/jss/JSSSocketFactory.java
|
|
|
962a55 |
@@ -740,8 +740,11 @@ public class JSSSocketFactory implements
|
|
|
962a55 |
"ocspResponderCertNickname");
|
|
|
962a55 |
debugWrite("JSSSocketFactory init - ocspResponderCertNickname"
|
|
|
962a55 |
+ ocspResponderCertNickname + "\n");
|
|
|
962a55 |
- if (StringUtils.isNotEmpty(ocspResponderURL) &&
|
|
|
962a55 |
- StringUtils.isNotEmpty(ocspResponderCertNickname)) {
|
|
|
962a55 |
+
|
|
|
962a55 |
+ if ((StringUtils.isNotEmpty(ocspResponderURL) &&
|
|
|
962a55 |
+ StringUtils.isNotEmpty(ocspResponderCertNickname)) ||
|
|
|
962a55 |
+ (StringUtils.isEmpty(ocspResponderURL)
|
|
|
962a55 |
+ && StringUtils.isEmpty(ocspResponderCertNickname))) {
|
|
|
962a55 |
|
|
|
962a55 |
ocspConfigured = true;
|
|
|
962a55 |
try {
|
|
|
962a55 |
--
|
|
|
962a55 |
1.8.3.1
|
|
|
962a55 |
|