WebApp Sec mailing list archives
Re: [WebAppSec] How can App Server maintain CRL in keystore
From: "Gleb Paharenko" <gpaharenko () gmail com>
Date: Thu, 8 May 2008 23:35:31 +0300
Hi.
From my experience adding a smart SSL staff to J2EE servers is a
difficult task, usually they do no support features like attribute filtering, specifying allowed crypto algorithms, crls etc. But AFAIK you can link your app server with JAAS which should support a lot of security features. 2008/5/7 <tatonlto () yahoo com hk>:
Hi All, currently i store the web clients certificates in App Server's keystore. (I am using WebLogic and Java Keystore) so that the server only process request from trusted clients. any easy way to update the keystore with CA's CRL ? Thanks a lot ~ E.L. ------------------------------------------------------------------------- Sponsored by: Watchfire Methodologies & Tools for Web Application Security Assessment With the rapid rise in the number and types of security threats, web application security assessments should be considered a crucial phase in the development of any web application. What methodology should be followed? What tools can accelerate the assessment process? Download this Whitepaper today! https://www.watchfire.com/securearea/whitepapers.aspx?id=70170000000940F -------------------------------------------------------------------------
-- Best regards. Gleb Pakharenko. http://gpaharenko.livejournal.com ------------------------------------------------------------------------- Sponsored by: Watchfire Methodologies & Tools for Web Application Security Assessment With the rapid rise in the number and types of security threats, web application security assessments should be considered a crucial phase in the development of any web application. What methodology should be followed? What tools can accelerate the assessment process? Download this Whitepaper today! https://www.watchfire.com/securearea/whitepapers.aspx?id=70170000000940F -------------------------------------------------------------------------
Current thread:
- [WebAppSec] How can App Server maintain CRL in keystore tatonlto (May 07)
- Re: [WebAppSec] How can App Server maintain CRL in keystore Gleb Paharenko (May 08)