WebApp Sec mailing list archives

Re: [WebAppSec] How can App Server maintain CRL in keystore


From: "Gleb Paharenko" <gpaharenko () gmail com>
Date: Thu, 8 May 2008 23:35:31 +0300

Hi.

From my experience, adding smart SSL stuff to J2EE servers is a
difficult task; usually they do not support features like attribute
filtering, specifying allowed crypto algorithms, CRLs, etc. But AFAIK
you can link your app server with JAAS, which should support a lot of
security features.

2008/5/7  <tatonlto () yahoo com hk>:
Hi All,

Currently I store the web clients' certificates in the App Server's keystore (I am using WebLogic and Java Keystore),
so that the server only processes requests from trusted clients.

Is there any easy way to update the keystore with the CA's CRL?

Thanks a lot ~

E.L.

-------------------------------------------------------------------------
Sponsored by: Watchfire
Methodologies & Tools for Web Application Security Assessment
With the rapid rise in the number and types of security threats, web application security assessments should be 
considered a crucial phase in the development of any web application. What methodology should be followed? What tools 
can accelerate the assessment process? Download this Whitepaper today!

https://www.watchfire.com/securearea/whitepapers.aspx?id=70170000000940F
-------------------------------------------------------------------------





-- 
Best regards.
Gleb Pakharenko.
http://gpaharenko.livejournal.com
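
An added example, not part of the original thread and not WebLogic's own mechanism: a JKS keystore holds only keys and certificates, so a CRL is kept as a separate file and handed to the JDK's PKIX validator next to the trust anchors. The class name, the four command-line paths and the assumption that the client certificate is issued directly by a CA in the truststore are all hypothetical; it needs Java 7 or later.

```java
import java.io.FileInputStream;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.cert.*;
import java.util.Collections;
import java.util.Date;

public class ClientCertCrlCheck {
    // Hypothetical usage: java ClientCertCrlCheck truststore.jks <storepass> ca.crl client.cer
    public static void main(String[] args) throws Exception {
        CertificateFactory cf = CertificateFactory.getInstance("X.509");

        // Trust anchors: the CA certificates stored as trusted entries in the JKS.
        KeyStore trust = KeyStore.getInstance("JKS");
        try (InputStream in = new FileInputStream(args[0])) {
            trust.load(in, args[1].toCharArray());
        }

        // The CRL lives outside the keystore; replacing this file is the "update".
        X509CRL crl;
        try (InputStream in = new FileInputStream(args[2])) {
            crl = (X509CRL) cf.generateCRL(in);
        }
        // Fail closed on a CRL that is past its nextUpdate time.
        if (crl.getNextUpdate() != null && crl.getNextUpdate().before(new Date())) {
            throw new IllegalStateException("CRL is stale; fetch a fresh one from the CA");
        }

        X509Certificate client;
        try (InputStream in = new FileInputStream(args[3])) {
            client = (X509Certificate) cf.generateCertificate(in);
        }

        // Enable revocation checking and supply the CRL through a CertStore.
        PKIXParameters params = new PKIXParameters(trust);
        params.setRevocationEnabled(true);
        params.addCertStore(CertStore.getInstance("Collection",
                new CollectionCertStoreParameters(Collections.singletonList(crl))));

        CertPath path = cf.generateCertPath(Collections.singletonList(client));
        try {
            CertPathValidator.getInstance("PKIX").validate(path, params);
            System.out.println("ACCEPT " + client.getSubjectX500Principal());
        } catch (CertPathValidatorException e) {
            // Covers a revoked certificate as well as an untrusted issuer or a bad CRL signature.
            System.out.println("REJECT " + e.getMessage());
        }
    }
}
```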
