Bug 58548 - support certifcate transparency
Summary: support certifcate transparency
Status: NEEDINFO
Alias: None
Product: Tomcat 9
Classification: Unclassified
Component: Connectors (show other bugs)
Version: unspecified
Hardware: All All
: P2 enhancement (vote)
Target Milestone: -----
Assignee: Tomcat Developers Mailing List
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2015-10-26 05:36 UTC by Ralf Hauser
Modified: 2020-01-02 15:57 UTC (History)
0 users


Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Ralf Hauser 2015-10-26 05:36:26 UTC 
Please provide a documentation for the configuration of all 3 to become listed on http://www.certificate-transparency.org/resources-for-site-owners 

(see also https://ritter.vg/blog-require_certificate_transparency.html )
Comment 1 Mark Thomas 2015-11-02 22:49:24 UTC 
Moving to Tomcat 9 since supporting the TLS extension will require support from JSSE and OpenSSL. Currently CT support is available in OpenSSL 1.0.2 and that means Tomcat 9.

I couldn't find any indication the Java supports or plans to support CT.

Using a certificate with the CT extension should work for all current Tomcat versions with all connectors immediately.
Comment 2 Ralf Hauser 2016-06-25 09:10:44 UTC 
see also Bug 59754
Comment 3 Christopher Schultz 2020-01-02 15:57:58 UTC 
Ping. This should either work or not, as described.