tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
Subject [Bug 60762] Enhancement: Add support for runtime SNI changes in tomcat-embed
Date Wed, 22 Feb 2017 17:47:34 GMT

--- Comment #2 from Jesse <> ---
In version 8.5.9 that we are running it looks like that method calls
putIfAbsent against the sslHostConfigs map, throwing an
IllegalArgumentException if there is a duplicate SSLHostConfig object for the
given key/hostname.  From what I can tell there is no existing public method in
8.5.9 to modify an existing SSLHostConfig once loaded, additionally the methods
to do so properly with regard to ssl context release/create are protected. 
Please correct me if my understanding of this is wrong.

Also, in the case where an SSL certificate or SSLHostConfig object needs to be
removed for any reason, this method would not suffice with either behavior.

When you say that the new SSLHostConfig has no effect without bouncing the
whole connector, is this in a newer tomcat version?  Or do you refer to the
newly created SSLHostConfig object that we are creating and putting in the
sslHostConfigs map?  In the latter case we definitely are seeing the newly
created SSLHostConfig object taking effect and new requests to it's hostname
are being served the corresponding certificate.

You are receiving this mail because:
You are the assignee for the bug.
To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message