Mark, On 6/27/18 4:59 PM, Mark Thomas wrote: > On 27/06/18 17:21, Christopher Schultz wrote: >> Romain, >> >> On 6/27/18 11:50 AM, Romain Manni-Bucau wrote: >>> up? any hope we have live reloading of certs in tomcat? >> >> Yup. Recent versions allow you to reload the SSLHostConfigs. >> >> I was getting ready to update my presentation on Let's Encrypt, >> actually, so this was a good nudge to actually do that. >> >> I thought the operation would be exposed via JMX, but it does not >> appear to be so. It's in the Manager application. >> >> Have a look at what ManagerServlet.sslReload() does. >> >> markt, > > Probably better to ask the dev list as a whole rather than just me. My > view should carry the same weight as every one else's.
Agreed. I just knew that you happened to have written this code and maybe you'd say something like ... >> any objection to taking this code and putting it into the >> Connector under the public method reloadSSLHostConfig to make it (a) >> accessible via JMX and (b) easy to access? > > Yes. > > The operations are already accessible via JMX on the ProtocolHandlers. > As the refactoring has progressed there has been a steady shift away > from duplicating attributes and methods between the Connector, Protocol > and endpoint. I think there will always need to be some duplication but > it has been trending downwards. The (somewhat related) operations I see on the ProtocolHandler are: findSslHostConfigs addSslHostConfig Let's say I want to trigger a CRL or keystore reload via the JMXProxyServlet. How would I go about doing that using the above methods? Or am I missing something? -chris
signature.asc
Description: OpenPGP digital signature
