Can anybody tell me whether or not updating a CRL (by that I mean the actual CRL content, not the URL of it in the CA certificate) requires a JBoss restart?
I'm guessing no, since the whole point of it is to provide a completely independent mechanism for managing invalid certificates, and if many servers had the CA certificate (which specified a CRL URL) in their truststores, then each server would have to be restarted - I can't see that really being acceptable.
But paranoia prevails, and I have to ask the question :-)
... by the way my JBoss version is 4.0.5GA.
Is there some issue with using CRLs with this version of JBoss?
I've read here and there that there could be, something about recompiling with java 5?