We're updating the issue view to help you get more done. 

Use CRL as provided by CA

Description

Certificates that are issued can be revoked at a later stage. One way to determine if an previously issued certificate is revoked, is to check various Certificate Revocation Lists (CRLs).

Openfire supports this mechanism, but seems to be limited to using a local file that contains the CRL.

Certificate Authorities provide online CRLs (their location is provided in their certificate). When such CRLs are available, Openfire should (also) use those.

Note that this should cover various types of connectivity (eg: client-to-server, server-to-server).

Environment

None

Acceptance Test - Entry

None

Assignee

Guus der Kinderen

Reporter

Guus der Kinderen

Labels

None

Expected Effort

None

Ignite Forum URL

None

Components

Priority

Major
Configure