tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Bill Barker" <wbar...@wilshire.com>
Subject Re: repost: question on updates to cert store
Date Sat, 01 Nov 2003 06:29:11 GMT

"Bill Harrelson" <brooksharrelson@cs.com> wrote in message
news:3FA21C15.15407.26654BF7@localhost...
> I apologize for the repost, but I need to solve this problem pretty
quickly, and I worry
> that with the volume on this list, anything unanswered for two days is
lost.
>
> This is a question that I can't find the answer to anywhere:
>
> If I add a certifcate to my keystore, will Tomcat see it immediately (or
soon) or
> do I have to bounce Tomcat to get it to reload it's internal keystore
instance?
>

Tomcat hands off all of the keystore management to your vendor's JSSE
implementation, so there really isn't a one-size-fits-all answer.  You'll
have to ask your vendor if they cache certs, and/or if they re-load the
cache.  The only safe answer that will work always is to bounce Tomcat.

> If I have to bounce Tomcat, is there any programmatic way to make
> Tomcat reload its keystore or a way for some external program to tell it
to bounce
> itself?
>

In theory, you could use JMX to stop and start the Connector.   Never tried
it myself.

> Thanks in advance,
>
> Bill




---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org


Mime
View raw message