From 49fb6b7f74a0de77ee4fb1ec0f1fa1fabb82681a Mon Sep 17 00:00:00 2001
From: Matthew Vivian <matthew.vivian@surevine.com>
Date: Tue, 3 Dec 2024 09:31:00 +0000
Subject: [PATCH] chore: Update java.security with new from Openfire

This file has been updated in Openfire to enable CRL downloading, so I'm porting it into this project as we use a copy of the security directory and overwrite the original.
---
 federation/xmpp/1/conf/security/java.security | 5 ++++-
 federation/xmpp/2/conf/security/java.security | 5 ++++-
 2 files changed, 8 insertions(+), 2 deletions(-)

diff --git a/federation/xmpp/1/conf/security/java.security b/federation/xmpp/1/conf/security/java.security
index 4b7a999..6ec4c18 100644
--- a/federation/xmpp/1/conf/security/java.security
+++ b/federation/xmpp/1/conf/security/java.security
@@ -1,2 +1,5 @@
 # Enable client-driven OCSP
-ocsp.enable=true
\ No newline at end of file
+ocsp.enable=true
+
+# Enable CRL Distribution Points extension in certificates (download CRL from URL in certificate)
+org.bouncycastle.x509.enableCRLDP=true
\ No newline at end of file
diff --git a/federation/xmpp/2/conf/security/java.security b/federation/xmpp/2/conf/security/java.security
index 4b7a999..6ec4c18 100644
--- a/federation/xmpp/2/conf/security/java.security
+++ b/federation/xmpp/2/conf/security/java.security
@@ -1,2 +1,5 @@
 # Enable client-driven OCSP
-ocsp.enable=true
\ No newline at end of file
+ocsp.enable=true
+
+# Enable CRL Distribution Points extension in certificates (download CRL from URL in certificate)
+org.bouncycastle.x509.enableCRLDP=true
\ No newline at end of file