BW 5 SSL Properties

問(wèn):

沒(méi)有RootCA如何通過(guò)證書(shū)驗(yàn)證?? No Way yet !

問(wèn):

沒(méi)有中間子證書(shū)但是有RootCA如何通過(guò)證書(shū)驗(yàn)證:

java.property.com.tibco.security.NoExplicitCAChain=true


All the properties worthy tests are like below:

-------------------------------------------------------------------------------------

?java.property.com.tibco.security.NoExplicitCAChain=true

?java.property.com.tibco.security.CheckRevocation=true

?java.property.com.tibco.security.EntrustLast=true

?java.property.TIBCO_SECURITY_VENDOR=j2se

-------------------------------------------------------------------------------------

Please find the answers inline.

1. Our goal is to keep only root CA certificate in the trust folder and remove all server/client cert and intermediate certs. Can we accomplish this by setting the below property in the bw app .tra file?

java.property.com.tibco.security.NoExplicitCAChain=true

Yes, in general BW has an explicit trust model. i.e. client would only establish an SSL connection if it was able to verify a full chain of trust from the server's certificate to a? root certificate. By setting NoExplicitCAChain to true, we can work around the explicit model, which will not require the full certificate chain to be present.

2. What is the benefit of the below property?

#enable revocation checks

java.property.com.tibco.security.CheckRevocation=true

-------------------------------------------------------------------------------------

最后編輯于
?著作權(quán)歸作者所有,轉(zhuǎn)載或內(nèi)容合作請(qǐng)聯(lián)系作者
【社區(qū)內(nèi)容提示】社區(qū)部分內(nèi)容疑似由AI輔助生成,瀏覽時(shí)請(qǐng)結(jié)合常識(shí)與多方信息審慎甄別。
平臺(tái)聲明:文章內(nèi)容(如有圖片或視頻亦包括在內(nèi))由作者上傳并發(fā)布,文章內(nèi)容僅代表作者本人觀點(diǎn),簡(jiǎn)書(shū)系信息發(fā)布平臺(tái),僅提供信息存儲(chǔ)服務(wù)。

相關(guān)閱讀更多精彩內(nèi)容

友情鏈接更多精彩內(nèi)容