The TIBCO Platform is a real-time, composable data platform that will bring together an evolving set of your TIBCO solutions - and it's available now!
A chart showing the TIBCO Platform vision
Jump to content
Forums
Ask questions and gain insight from discussions

Recommended Posts

Posted

We have teh following flow:

External client with digicert --> BW --> Aws load balancer with ACM private CA cert

BW acts as a server to "External client" and acts as a client to AWS load balancer.

ACM cert's CRL distribution endpoint is removed as per requirement.

BW should validate CRL for External client's certificate. But BW should bypass CRL check on ACM cert since it doesn't have CRL distribution endpoint.

We have the following settings:

ava.property.com.sun.security.enableCRLDP=true

java.property.com.tibco.security.NoExplicitCAChain=true

java.property.com.tibco.security.CheckRevocation=true

java.property.com.sun.net.ssl.CheckRevocation=true

It fails with "final verification failed: java.security.cert.CertPathValidatorException: Could not determine revocation status"

How to configure BW so that it will check CRL on External client cert' but not on ACM cert.

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...