-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Chris,
On 8/24/17 4:03 PM, Chris Cheshire wrote: > Cheers :) > > On Thu, Aug 24, 2017 at 3:35 PM, Mark Thomas <[email protected]> > wrote: > >> On 24/08/17 19:50, Chris Cheshire wrote: >>> Currently I am using httpd to handle SSL (because my certs are >>> generated via LE) with all content being passed off to Tomcat 7 >>> (investigating 8.5 upgrade). >>> >>> I had a poke around on the archives and found mention of a talk >>> on it in >> a >>> conference in Miami. >>> >>> http://tomcat.10.x6.nabble.com/Dynamic-reloading-of-SSL- >> certificates-tt5059619.html#a5059673 >>> >>> Did this happen? I looked in the Tomcat youtube channel and >>> found a >> handful >>> of videos from there, but nothing on LE. Is it something that >>> is still in the "we'd like to find time to do it, but don't >>> know who or when" phase, >> or >>> something that is being worked on for Tomcat 9? >> >> We only had video for the final day in Miami. But we have audio >> for the others. >> >> http://tomcat.apache.org/presentations.html There are two items here: 1. Can Tomcat be configured and scripted for LE (pretty easy) 2. Tomcat can (with caveats) reload the certificate store I have not made any progress on #2. The Tomcat/LE presentation in the above link mentions we'll be trying to implement seamless reloading, but it's not done, yet. The presentation shows you how to reload it in a potentially disruptive way (because the connector is stopped and re-started, killing any in-flight requests). So it's not great, but it IS possible. - -chris -----BEGIN PGP SIGNATURE----- Comment: GPGTools - http://gpgtools.org Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQIcBAEBCAAGBQJZnzcTAAoJEBzwKT+lPKRYfWYQALNPjuHyvxRFXucEfRAWiPNH XhLlu5cA2l0Cc5ZrvgwWbws4Ljyg7OSaE3xPI3hUSL6k4PT92KQpNnq7zJXNVOqc zr/vD51KpvXxWJMJKIN2xWvGqdTLY2PsMPIn3LvG+QwC11iD4c+EC0dsMyDJR58/ wd5twkH8Hx+ucGugodkC7uVlgAr5K7xdmRGVBiUgACIzBEfuwyi/CsaQG6fzWPWa KVUDxcpgP1lIe3k+8EbuD2lEwtaH8wprLr9J58bjclrbB+XNwP/hmJgLQUnG4rkp s824HwNbn+zVE8rTPOQHgh51nhC0lFgo+QCrIKffE7Z6IkIKpTlugrCoA3TO6l4p pQOC72FcDP2vR0oNTT7CipCcvNEqqTnANuowAV6EK3ObFGtdwYI7LSJ4heVBRqet 8AJCiGXypw84SDVFOOC479vZjzMtIAQUgr0kTTIck/TTp/Rd7Y9Qgf+BqxOFw4oL dcOp1Ndx8aYEuX8SON2BSw/Il79v5CH/p9f4IkC7untScu2piI65GmFCXUqKA46h kVpIF+7hCz88A4B/XQOMyUuhW5uiAb/OXxWWgSkxlyU9QaVwe3gNy5Nzka+RfMB1 W9Z3C8nsjz3O3D/GNPyqLdFn3QsCTq6U4Tu0XraJLe/jGMjzmkzva7Zhie2PXEyl 6u06+djW9i8p9OmO5GEo =ZQlB -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
