Menu
▾
▴
Re: [Ejbca-develop] EJBCA 6.1.1 connectivity from client java application
|
From: Tomas G. <to...@pr...> - 2014-06-26 09:30:41
|
Sorry, you'll have to investigate JBoss specifics yourself, I do not
know that on top of my head.
(or get support if you need someone to figure it out for you).
Cheers,
Tomas
On 2014-06-26 11:13, Тимур wrote:
> Hello, Tomas !
>
> Could you please to prompt how to switch EJBCA 6.1.1 from TLSv1 to SSLv3
> for serving incoming requests from external java-application which tries
> to connect to EJBCA host:8443 ? (external java-app is old enough and was
> created for EJBCA 3.11)
>
> 14:29:50,458 INFO [stdout] (http--0.0.0.0-8443-1) http--0.0.0.0-8443-1,
> SEND TLSv1 ALERT: fatal, description = unexpected_message
> 14:29:50,460 INFO [stdout] (http--0.0.0.0-8443-1) http--0.0.0.0-8443-4,
> SEND TLSv1 ALERT: http--0.0.0.0-8443-1, WRITE: TLSv1 Alert, length = 2
> 14:29:50,461 INFO [stdout] (http--0.0.0.0-8443-3) http--0.0.0.0-8443-3,
> handling exception: java.net.SocketTimeoutException: Read timed out
> 14:29:50,463 INFO [stdout] (http--0.0.0.0-8443-1) http--0.0.0.0-8443-1,
> called closeSocket()
> 14:29:50,464 INFO [stdout] (http--0.0.0.0-8443-4) fatal, description =
> unexpected_message
>
> 14:56:15,896 INFO [stdout] (http--0.0.0.0-8443-3) http--0.0.0.0-8443-3,
> WRITE: TLSv1 Handshake, length = 48
> 14:56:15,903 INFO [stdout] (http--0.0.0.0-8443-3) http--0.0.0.0-8443-3,
> READ: TLSv1 Change Cipher Spec, length = 1
> 14:56:15,905 INFO [stdout] (http--0.0.0.0-8443-3) http--0.0.0.0-8443-3,
> READ: TLSv1 Handshake, length = 48
> 14:56:15,906 INFO [stdout] (http--0.0.0.0-8443-3) *** Finished
> 14:56:15,906 INFO [stdout] (http--0.0.0.0-8443-3) verify_data: { 107,
> 133, 194, 246, 254, 149, 3, 99, 208, 155, 18, 181 }
> 14:56:15,907 INFO [stdout] (http--0.0.0.0-8443-3) ***
> 14:56:15,908 INFO [stdout] (http--0.0.0.0-8443-3) http--0.0.0.0-8443-3,
> READ: TLSv1 Application Data, length = 32
> 14:56:15,909 INFO [stdout] (http--0.0.0.0-8443-3) http--0.0.0.0-8443-3,
> READ: TLSv1 Application Data, length = 528
> 14:56:15,911 INFO [stdout] (http--0.0.0.0-8443-3) http--0.0.0.0-8443-3,
> WRITE: TLSv1 Application Data, length = 368
> 14:56:15,969 INFO [stdout] (http--0.0.0.0-8443-3) http--0.0.0.0-8443-3,
> READ: TLSv1 Application Data, length = 32
> 14:56:15,970 INFO [stdout] (http--0.0.0.0-8443-3) http--0.0.0.0-8443-3,
> READ: TLSv1 Application Data, length = 464
> 14:56:15,973 INFO [stdout] (http--0.0.0.0-8443-3) http--0.0.0.0-8443-3,
> WRITE: TLSv1 Application Data, length = 32
> 14:56:15,974 INFO [stdout] (http--0.0.0.0-8443-3) http--0.0.0.0-8443-3,
> WRITE: TLSv1 Application Data, length = 5344
> 14:56:21,959 INFO [stdout] (http--0.0.0.0-8443-3) http--0.0.0.0-8443-3,
> READ: TLSv1 Alert, length = 32
> 14:56:21,961 INFO [stdout] (http--0.0.0.0-8443-3) http--0.0.0.0-8443-3,
> RECV TLSv1 ALERT: warning, close_notify
> 14:56:21,962 INFO [stdout] (http--0.0.0.0-8443-3) http--0.0.0.0-8443-3,
> called closeInternal(false)
> 14:56:21,962 INFO [stdout] (http--0.0.0.0-8443-3) http--0.0.0.0-8443-3,
> SEND TLSv1 ALERT: warning, description = close_notify
> 14:56:21,964 INFO [stdout] (http--0.0.0.0-8443-3) http--0.0.0.0-8443-3,
> WRITE: TLSv1 Alert, length = 32
> 14:56:21,965 INFO [stdout] (http--0.0.0.0-8443-3) http--0.0.0.0-8443-3,
> called close()
> 14:56:21,966 INFO [stdout] (http--0.0.0.0-8443-3) http--0.0.0.0-8443-3,
> called closeInternal(true)
>
> thank you, Timur
>
>
> 2014-06-24 15:14 GMT+06:00 Tomas Gustavsson <to...@pr...
> <mailto:to...@pr...>>:
>
>
> Hi Timur,
>
> No there is no such table available that would be very time consuming to
> produce on free basis.
>
> Customized development help is usually a professional services business.
>
> Kind regards,
> Tomas
>
> On 2014-06-24 11:03, Тимур wrote:
> > Hello, Tomas.
> > Thank you for your prompt.
> > Is there any external interfaces comparison table among different
> > versions of EJBCA to see what calls to EJBCA 6.1.1 must be
> corrected ?
> > For example, usual operations like check common name, check
> certificate
> > validity are still the same between EJBCA 3.11.x and 6.1.x ?
> >
> > thank you, Timur.
> >
> >
> >
> > 2014-06-24 14:43 GMT+06:00 Tomas Gustavsson <to...@pr...
> <mailto:to...@pr...>
> > <mailto:to...@pr... <mailto:to...@pr...>>>:
> >
> >
> > Depending on what interfaces you are using, things have
> changed. Some
> > interfaces have not changed, while some have.
> >
> > Cheers,
> > Tomas
> > ---
> > Save time and money with an Enterprise support subscription.
> Please see
> > www.primekey.se <http://www.primekey.se> <http://www.primekey.se>
> for more information.
> > http://www.primekey.se/Products/EJBCA+PKI/
> > http://www.primekey.se/Services/Support/
> >
> > On 2014-06-24 09:32, Тимур wrote:
> > > Dears,
> > > (there was wrong typing in EJBCA version in my previous
> post , so
> > > repeating the question in a correct way)
> > > Could you please to confirm/refute whether EJBCA 3.11.0
> versus EJBCA
> > > 6.1.1 has any difference in their external interfaces for
> interaction
> > > with external java applications ?
> > > Is some custom java applicaton (which was designed for
> > interaction with
> > > EJBCA 3.11.0 (r10752) external interface) compatible with
> EJBCA 6.1.1
> > > external interface ?
> > >
> > > thanks, Timur
> > >
> > >
> > >
> > > 2014-06-08 17:26 GMT+06:00 Branko Majic <br...@ma...
> <mailto:br...@ma...>
> > <mailto:br...@ma... <mailto:br...@ma...>>
> > > <mailto:br...@ma... <mailto:br...@ma...>
> <mailto:br...@ma... <mailto:br...@ma...>>>>:
> > >
> > > On Sat, 7 Jun 2014 23:04:37 +0600
> > > Тимур <tim...@gm...
> <mailto:tim...@gm...>
> > <mailto:tim...@gm...
> <mailto:tim...@gm...>> <mailto:tim...@gm...
> <mailto:tim...@gm...>
> > <mailto:tim...@gm...
> <mailto:tim...@gm...>>>>
> > > wrote:
> > >
> > > > Hello, Branko !
> > > > Thank you for your good advice about SSL debugging
> on JBoss.
> > > IP-address
> > > > was replaced by FQDN but still JBoss rejects
> connection.
> > > > Then SSL debug had been enabled on JBoss 7.1.1:
> > > >
> > > > [oracle@duo ~]$ curl -v
> "https://rootca.teka.kz:8442/ejbca" -E
> > > > /home/oracle/CSR_EJBCA_duo2/certs_x509/duo.cer
> > > > --key
> /home/oracle/CSR_EJBCA_duo2/duo/duo.teka.kz.key --pass
> > > welcome123
> > > > --cacert /home/oracle/BTAIpotekaCA.cacert.pem
> > > > ....
> > > > 21:10:53,179 INFO [stdout]
> (http--0.0.0.0-8442-Acceptor-0) Is
> > > initial
> > > > handshake: true
> > > > 21:10:53,180 INFO [stdout]
> > (http--0.0.0.0-8442-Acceptor-0) Is secure
> > > > renegotiation: false
> > > > 21:10:53,183 INFO [stdout] (http--0.0.0.0-8442-1)
> > > http--0.0.0.0-8442-1,
> > > > setSoTimeout(60000) called
> > > > 21:10:53,187 INFO [stdout] (http--0.0.0.0-8442-1)
> > > http--0.0.0.0-8442-1,
> > > > READ: SSL v2, contentType = Handshake, translated
> length = 95
> > > > 21:10:53,190 INFO [stdout] (http--0.0.0.0-8442-1) ***
> > > ClientHello, TLSv1
> > > > .....
> > > > 21:10:53,286 INFO [stdout] (http--0.0.0.0-8442-1) ***
> > > ServerHello, TLSv1
> > > > .....
> > > > 21:10:53,550 INFO [stdout] (http--0.0.0.0-8442-1) ***
> > > ServerHelloDone
> > > > 21:10:53,552 INFO [stdout] (http--0.0.0.0-8442-1)
> > > http--0.0.0.0-8442-1,
> > > > WRITE: TLSv1 Handshake, length = 2722
> > > > 21:10:53,561 INFO [stdout] (http--0.0.0.0-8442-1)
> > > http--0.0.0.0-8442-1,
> > > > READ: TLSv1 Alert, length = 2
> > > > 21:10:53,563 INFO [stdout] (http--0.0.0.0-8442-1)
> > > http--0.0.0.0-8442-1,
> > > > RECV TLSv1 ALERT: fatal, unknown_ca
> > > > 21:10:53,564 INFO [stdout] (http--0.0.0.0-8442-1)
> > > http--0.0.0.0-8442-1,
> > > > called closeSocket()
> > > > 21:10:53,566 INFO [stdout] (http--0.0.0.0-8442-1)
> > > http--0.0.0.0-8442-1,
> > > > handling exception:
> javax.net.ssl.SSLHandshakeException:
> > Received
> > > fatal
> > > > alert: unknown_ca
> > > > 21:10:53,567 INFO [stdout] (http--0.0.0.0-8442-1)
> > > http--0.0.0.0-8442-1,
> > > > IOException in getSession():
> > > javax.net.ssl.SSLHandshakeException: Received
> > > > fatal alert:
> > > > unknown_ca <-------!!!!!!!
> > > > 21:10:53,577 INFO [stdout] (http--0.0.0.0-8442-1)
> > > http--0.0.0.0-8442-1,
> > > > called close()
> > > >
> > > > JBoss SSL-certificate is for CN=rootca.teka.kz
> <http://rootca.teka.kz>
> > <http://rootca.teka.kz>
> > > <http://rootca.teka.kz> which belongs to the CA
> > > > named "ROOTCA.TEKA.KZ <http://ROOTCA.TEKA.KZ>
> <http://ROOTCA.TEKA.KZ>
> > <http://ROOTCA.TEKA.KZ>
> > > <http://rootca.teka.kz/>".
> > > > BUT I run "curl" utlity for CA named "BTA Ipoteka
> CA" - all
> > > certificates
> > > > used in "curl" options are emitted by CA "BTA
> Ipoteka CA":
> > > >
> > > > [oracle@duo ~]$ curl -v
> "https://rootca.teka.kz:8442/ejbca" -E
> > > > /home/oracle/CSR_EJBCA_duo2/certs_x509/duo.cer \
> > > > --key
> /home/oracle/CSR_EJBCA_duo2/duo/duo.teka.kz.key --pass
> > > welcome123 \
> > > > --cacert /home/oracle/BTAIpotekaCA.cacert.pem
> > > >
> > > > I cannot use CA "ROOTCA.TEKA.KZ
> <http://ROOTCA.TEKA.KZ> <http://ROOTCA.TEKA.KZ>
> > <http://ROOTCA.TEKA.KZ>
> > > <http://rootca.teka.kz/>" as it has too
> > > > strong key which is not supported by my eToken
> Client; I
> > had to
> > > create one
> > > > more CA "BTA Ipoteka CA" with shorter key length.
> > > > What steps to do if certificates for customer
> devices are
> > emitted
> > > by CA
> > > > "BTA Ipoteka CA" but initial CA is "ROOTCA.TEKA.KZ
> <http://ROOTCA.TEKA.KZ>
> > <http://ROOTCA.TEKA.KZ>
> > > <http://ROOTCA.TEKA.KZ> <http://rootca.teka.kz/>"
> > > > and JBoss certificate is for initial CA.
> > > > Probably some reconfiguration are to be done on
> JBoss to
> > let one
> > > receive
> > > > requests for new CA also ?
> > > >
> > > > thank you for your great job, Timur.
> > > >
> > > >
> > > >
> > > > 2014-06-07 17:07 GMT+06:00 Branko Majic
> <br...@ma... <mailto:br...@ma...>
> > <mailto:br...@ma... <mailto:br...@ma...>>
> > > <mailto:br...@ma... <mailto:br...@ma...>
> <mailto:br...@ma... <mailto:br...@ma...>>>>:
> > > >
> > > > > On Fri, 6 Jun 2014 23:06:26 +0600
> > > > > Тимур <tim...@gm...
> <mailto:tim...@gm...>
> > <mailto:tim...@gm...
> <mailto:tim...@gm...>>
> > > <mailto:tim...@gm...
> <mailto:tim...@gm...>
> > <mailto:tim...@gm...
> <mailto:tim...@gm...>>>> wrote:
> > > > >
> > > > > > Hello, dears
> > > > > >
> > > > > > I have successfuly installed EJBCA 6.1.1, JBoss
> > 7.1.1.Final,
> > > openjdk 6,
> > > > > > Oracle 9.2.0.5, ojdbc6.jar, on Ubuntu Linux
> ("13.04,
> > Raring
> > > Ringtail").
> > > > > No
> > > > > > any deployment and
> > > > > > installation mistakes for this software
> combination. I
> > have
> > > successfully
> > > > > > created all profiles , add entuty and I have
> issued my
> > first
> > > > > > SSL-certificate and write one to USB HSM with
> eToken
> > Client.
> > > So, I have
> > > > > > full-functional EJBCA 6.1.1 at present.
> > > > > > I have a custom java-application which uses eToken
> > > authentication and
> > > > > this
> > > > > > java-application worked fine with previous
> version of
> > EJBCA
> > > and I need to
> > > > > > organize connectivity between this
> java-application and
> > > EJBCA. There is a
> > > > > > parameter for EJBCA URL in java-application config
> > file and I
> > > pointed out
> > > > > > this parameter to "https://10.62.2.88:8443/ejbca".
> > > > > > Java-application uses jdk cacerts and I
> imported issued
> > > certificate with
> > > > > CA
> > > > > > certificate of EJBCA to cacerts but no
> connection yet.
> > > > > > Checking connectivity to EJBCA by curl utility
> also gives
> > > negative
> > > > > result:
> > > > > >
> > > > > > CA-certificate in PEM-format:
> > > > > >
> > > > > > [oracle@duo ~]$ curl -v
> "https://10.62.2.88:8443/ejbca" -E
> > > > > > /home/oracle/CSR_EJBCA_duo2/certs_x509/duo.cer
> --key
> > > > > > /home/oracle/CSR_EJBCA_duo2/duo/duo.teka.kz.key
> --pass
> > > > > >
> > > > > > welcome123 --cacert
> /home/oracle/BTAIpotekaCA.cacert.pem
> > > > > > * About to connect() to 10.62.2.88 port 8443
> > > > > > * Trying 10.62.2.88... * connected
> > > > > > * Connected to 10.62.2.88 (10.62.2.88) port 8443
> > > > > > * successfully set certificate verify locations:
> > > > > > * CAfile: /home/oracle/BTAIpotekaCA.cacert.pem
> > > > > > CApath: none
> > > > > > * SSL certificate problem, verify that the CA
> cert is OK.
> > > Details:
> > > > > > error:14090086:SSL
> > > routines:SSL3_GET_SERVER_CERTIFICATE:certificate
> > > > > verify
> > > > > > failed
> > > > > >
> > > > > > CA-certificate in BASE-64 format:
> > > > > >
> > > > > > [oracle@duo ~]$ curl -v
> > "https://10.62.2.88:8443/ejbca" -E
> > > > > > /home/oracle/CSR_EJBCA_duo2/certs_x509/duo.cer
> --key
> > > > > > /home/oracle/CSR_EJBCA_duo2/duo/duo.teka.kz.key
> --pass
> > > > > >
> > > > > > welcome123 --cacert
> > > /home/oracle/BTAIpotekaCA.cacert-base64.cer --sslv3
> > > > > > --trace-ascii /tmp/curl.log
> > > > > > curl: (60) SSL certificate problem, verify that
> the CA
> > cert
> > > is OK.
> > > > > Details:
> > > > > > error:14090086:SSL
> > > routines:SSL3_GET_SERVER_CERTIFICATE:certificate
> > > > > verify
> > > > > > failed
> > > > > > More details here:
> http://curl.haxx.se/docs/sslcerts.html
> > > > > >
> > > > > > EJBCA console log contains no records to
> understand why no
> > > connectivity
> > > > > to
> > > > > > EJBCA.
> > > > > > Could you please to help to find out which URL
> must be
> > used
> > > to connect to
> > > > > > EJBCA for authentication ? If
> > "https://10.62.2.88:8443/ejbca" is
> > > > > correct
> > > > > > what's the reason
> > > > > > of trouble with EJBCA connection ?
> > > > > >
> > > > > > thank you, Timur.
> > > > >
> > > > > Hello Timur,
> > > > >
> > > > > The problem you are facing happens during the TLS
> handshake
> > > between the
> > > > > server and client, where (at least) client is
> unable to
> > verify the
> > > > > certificate presented by JBoss.
> > > > >
> > > > > Since the TLS is handled by JBoss, you won't get any
> > useful logging
> > > > > messages from EJBCA. In fact, not even JBoss as
> such will
> > > produce any
> > > > > useful debugging info. You could try enabling
> debugging
> > of TLS
> > > > > handshake via JAVA_OPTS, though.
> > > > >
> > > > > I've noticed you are using the IP address for
> connecting to
> > > JBoss/EJBCA
> > > > > - are you sure that you have this IP address
> specified
> > in your
> > > server
> > > > > certificate (on JBoss)? If not, that is your problem.
> > The IP,
> > > FQDN, or
> > > > > hostname used for connecting has to be part of
> > subjectAltName
> > > DNS name
> > > > > (or, if subjectAltName DNS name is not present,
> CN has
> > to be used).
> > > > >
> > > > > As a side-note, you should avoid using IP address in
> > > certificates or
> > > > > for TLS connections in general, and instead rely
> on FQDN or
> > > hostname,
> > > > > with FQDN being the recommended thing to use.
> > > > >
> > > > > I hope this explanation will help you a bit :)
> > > > >
> > > > > Best regards
> > > > >
> > >
> > > Hello Timur,
> > >
> > > If you are getting a validation error on port 8442,
> that is
> > probably
> > > the client-side validation failing. Keep in mind that
> if you
> > deploy
> > > EJBCA on JBoss using default ports, port 8442 does _not_
> > require client
> > > certificate authentication.
> > >
> > > You could test if JBoss will return anything at all to
> you on
> > port 8442
> > > with wget --no-check-certificate (just to see if
> content gets
> > served),
> > > and then try to figure out why your client fails to
> validate
> > the server
> > > certificate.
> > >
> > > If the JBoss certificate was issued by ROOTCA.TEKA.KZ
> <http://ROOTCA.TEKA.KZ>
> > <http://ROOTCA.TEKA.KZ>
> > > <http://ROOTCA.TEKA.KZ>, you will most
> > > definitively need to have this CA certificate in the
> > truststore of your
> > > client.
> > >
> > > As for trusted client certificates on (for EJBCA commonly)
> > port 8443,
> > > you will need to update the JBoss truststore to
> contain the
> > new CA
> > > certificate (used for issuing client certificates).
> > >
> > > Best regards
> > >
> > > --
> > > Branko Majic
> > > Jabber: br...@ma... <mailto:br...@ma...>
> <mailto:br...@ma... <mailto:br...@ma...>>
> > <mailto:br...@ma... <mailto:br...@ma...>
> <mailto:br...@ma... <mailto:br...@ma...>>>
> > > Please use only Free formats when sending attachments
> to me.
> > >
> > > Бранко Мајић
> > > Џабер: br...@ma... <mailto:br...@ma...>
> <mailto:br...@ma... <mailto:br...@ma...>>
> > <mailto:br...@ma... <mailto:br...@ma...>
> <mailto:br...@ma... <mailto:br...@ma...>>>
> > > Молим вас да додатке шаљете искључиво у слободним
> форматима.
> > >
> > >
> >
> ------------------------------------------------------------------------------
> > > Learn Graph Databases - Download FREE O'Reilly Book
> > > "Graph Databases" is the definitive new guide to graph
> > databases and
> > > their
> > > applications. Written by three acclaimed leaders in
> the field,
> > > this first edition is now available. Download your
> free book
> > today!
> > > http://p.sf.net/sfu/NeoTech
> > > _______________________________________________
> > > Ejbca-develop mailing list
> > > Ejb...@li...
> <mailto:Ejb...@li...>
> > <mailto:Ejb...@li...
> <mailto:Ejb...@li...>>
> > > <mailto:Ejb...@li...
> <mailto:Ejb...@li...>
> > <mailto:Ejb...@li...
> <mailto:Ejb...@li...>>>
> > > https://lists.sourceforge.net/lists/listinfo/ejbca-develop
> > >
> > >
> > >
> > >
> > >
> >
> ------------------------------------------------------------------------------
> > > Open source business process management suite built on
> Java and
> > Eclipse
> > > Turn processes into business applications with Bonita BPM
> > Community Edition
> > > Quickly connect people, data, and systems into organized
> workflows
> > > Winner of BOSSIE, CODIE, OW2 and Gartner awards
> > > http://p.sf.net/sfu/Bonitasoft
> > >
> > >
> > >
> > > _______________________________________________
> > > Ejbca-develop mailing list
> > > Ejb...@li...
> <mailto:Ejb...@li...>
> > <mailto:Ejb...@li...
> <mailto:Ejb...@li...>>
> > > https://lists.sourceforge.net/lists/listinfo/ejbca-develop
> > >
> >
> >
> ------------------------------------------------------------------------------
> > Open source business process management suite built on Java
> and Eclipse
> > Turn processes into business applications with Bonita BPM
> Community
> > Edition
> > Quickly connect people, data, and systems into organized
> workflows
> > Winner of BOSSIE, CODIE, OW2 and Gartner awards
> > http://p.sf.net/sfu/Bonitasoft
> > _______________________________________________
> > Ejbca-develop mailing list
> > Ejb...@li...
> <mailto:Ejb...@li...>
> > <mailto:Ejb...@li...
> <mailto:Ejb...@li...>>
> > https://lists.sourceforge.net/lists/listinfo/ejbca-develop
> >
> >
> >
> >
> >
> ------------------------------------------------------------------------------
> > Open source business process management suite built on Java and
> Eclipse
> > Turn processes into business applications with Bonita BPM
> Community Edition
> > Quickly connect people, data, and systems into organized workflows
> > Winner of BOSSIE, CODIE, OW2 and Gartner awards
> > http://p.sf.net/sfu/Bonitasoft
> >
> >
> >
> > _______________________________________________
> > Ejbca-develop mailing list
> > Ejb...@li...
> <mailto:Ejb...@li...>
> > https://lists.sourceforge.net/lists/listinfo/ejbca-develop
> >
>
> ------------------------------------------------------------------------------
> Open source business process management suite built on Java and Eclipse
> Turn processes into business applications with Bonita BPM Community
> Edition
> Quickly connect people, data, and systems into organized workflows
> Winner of BOSSIE, CODIE, OW2 and Gartner awards
> http://p.sf.net/sfu/Bonitasoft
> _______________________________________________
> Ejbca-develop mailing list
> Ejb...@li...
> <mailto:Ejb...@li...>
> https://lists.sourceforge.net/lists/listinfo/ejbca-develop
>
>
>
>
> ------------------------------------------------------------------------------
> Open source business process management suite built on Java and Eclipse
> Turn processes into business applications with Bonita BPM Community Edition
> Quickly connect people, data, and systems into organized workflows
> Winner of BOSSIE, CODIE, OW2 and Gartner awards
> http://p.sf.net/sfu/Bonitasoft
>
>
>
> _______________________________________________
> Ejbca-develop mailing list
> Ejb...@li...
> https://lists.sourceforge.net/lists/listinfo/ejbca-develop
>
|
