How can I configure Apache Tomcat to use OCSP stapling and certificate revocation check using OCSP implementation available in Java 9?
Is running tomcat 9 on Java 9 with following property is enough?
// Enable OCSP Stapling (off by default)
System.setProperty(“jdk.tls.server.enableStatusRequestExtension”, “true”);
I have tried above but doesn't seem to be working
Please check this Infotiate SSL Proxy project on git hub. We had similar use case and this SSL proxy answers most of what we needed to do regarding more control over the certificate path validation process in Spring-boot application