tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Bill Barker" <>
Subject Re: repost: question on updates to cert store
Date Sat, 01 Nov 2003 06:29:11 GMT

"Bill Harrelson" <> wrote in message
> I apologize for the repost, but I need to solve this problem pretty
quickly, and I worry
> that with the volume on this list, anything unanswered for two days is
> This is a question that I can't find the answer to anywhere:
> If I add a certifcate to my keystore, will Tomcat see it immediately (or
soon) or
> do I have to bounce Tomcat to get it to reload it's internal keystore

Tomcat hands off all of the keystore management to your vendor's JSSE
implementation, so there really isn't a one-size-fits-all answer.  You'll
have to ask your vendor if they cache certs, and/or if they re-load the
cache.  The only safe answer that will work always is to bounce Tomcat.

> If I have to bounce Tomcat, is there any programmatic way to make
> Tomcat reload its keystore or a way for some external program to tell it
to bounce
> itself?

In theory, you could use JMX to stop and start the Connector.   Never tried
it myself.

> Thanks in advance,
> Bill

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message