Java security configuration to look at CRL for revocation checking

Seshadri, Usha usha.seshadri at lmco.com
Tue Jan 5 17:28:44 UTC 2016


Hi,

I am using Java 8, and am trying to configure JVM to go to CRL for revocation checking. I didn't see any parameter in java.security to enable CRL revocation checking, although there are parameters to configure OCSP.

I tried setting these two parameters as JVM options with -D, but doesn't seem to take any effect.
deployment.security.validation.crl= true
deployment.security.validation.crl.url=file:///root/xyz/crls/  --> points to the CRL directory

What configurable property controls the CRL revocation checking? Any answer will be greatly appreciated!

Thanks,

Usha Seshadri
Lockheed Martin, IS&GS
301-240-7496
[LM-logo]
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mail.openjdk.org/pipermail/security-dev/attachments/20160105/7d2e0d8a/attachment.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image004.jpg
Type: image/jpeg
Size: 3520 bytes
Desc: image004.jpg
URL: <https://mail.openjdk.org/pipermail/security-dev/attachments/20160105/7d2e0d8a/image004.jpg>


More information about the security-dev mailing list