-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Daniel,
On 9/16/20 09:37, Daniel Skiles wrote:
> In case anyone finds this thread in a search engine in a few
> years,
I was
> able to get this to work. Here are some notes if you are using
> JSSE.
>
> * The operation is addSslHostConfig on the Pr
In case anyone finds this thread in a search engine in a few years, I was
able to get this to work. Here are some notes if you are using JSSE.
* The operation is addSslHostConfig on the ProtocolHandler Mbean.
* You must have org.apache.tomcat:tomcat-coyote on your classpath.
* You must create bo
> Did you try it?
I've been unable to try it through JConsole or Visual VM. JConsole throws
an error indicating that it can't load the remote class, and Visual VM
disables the method. It looks like it takes a complex object, and I do not
have enough experience with Tomcat, or MBeans in general,
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Daniel,
On 9/11/20 17:06, Daniel Skiles wrote:
> I've gotten my _default_ SNI SSLHostConfig working. Thank you for
> the help.
Excellent.
>> Perhaps that method could have a better name, like
>> reinitializeSSLHostConfigs. "reload" implies that i
I've gotten my _default_ SNI SSLHostConfig working. Thank you for the help.
> Perhaps that method could have a better name, like
reinitializeSSLHostConfigs. "reload" implies that it re-reads the
server.xml which is not the case. At least the documentation should
probabyl be better.
If the serve
> In your case, where did you rediscover reloadSslHostConfigs?
To be honest, I wandered around in the JMX console until I found something
that looked promising.
> You'll want to "set" the value of the attribute "certificateKeyAlias".
Thank you for your help. I'll give that a try.
On Fri, Sep 1
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Daniel,
On 9/10/20 16:39, Daniel Skiles wrote:
>> Also note that calling reloadSslHostConfigs does NOT re-read
>> server.xml. It re-initializes the existing in-memory
>> configuration. If you want to e.g. change the key alias, you'll
>> have to make
> Also note that calling reloadSslHostConfigs does NOT re-read server.xml.
It re-initializes the existing in-memory configuration. If you want to e.g.
change the key alias, you'll have to make a JMX call to update the alias
and THEN call reloadSslHostConfigs.
*THAT *is probably my problem. Do yo
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Daniel,
On 9/10/20 13:33, Daniel Skiles wrote:
> In this case, I didn't remove every certificate, but I did remove
> the certificate that was originally being referenced after adding a
> new certificate under a new alias.
>
> Original Keystore: Alia
In this case, I didn't remove every certificate, but I did remove the
certificate that was originally being referenced after adding a new
certificate under a new alias.
Original Keystore:
Alias A
Server.xml _default_ SSLHostConfig points to Alias A
After Modification:
Alias B
Server.xml _default_
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Daniel,
On 9/10/20 09:09, Daniel Skiles wrote:
> Is it possible to change the keystore alias of the _default_
> SSLHostConfig's certificate while tomcat is running?
>
> At present, I'm trying to move the _default_ certificate from one
> certificate
Is it possible to change the keystore alias of the _default_
SSLHostConfig's certificate while tomcat is running?
At present, I'm trying to move the _default_ certificate from one
certificate in my keystore, to another. I modify the server.xml, then I
call the reloadSslHostConfigs MBean operation
12 matches
Mail list logo
