On 29/08/2023 21:28, Loeschmann, Lori wrote:
Hello,
We have a Tomcat application which authenticates via CAS. The application and
CAS reside on different servers.
We also have an internal audit process that flags files on these servers when
they change. It's a retroactive review of authorized changes.
When the SSL certificate was updated on the CAS server, the timestamp on the
application.war and war-tracker files also changed, so these files were
flagged. The war file was NOT redeployed. There are other application war files
on the same server whose timestamps did NOT change. I need to provide a
justification for the timestamp change, but I can't think of any reason why it
would have happened by updating the CAS SSL cert on a different server.
I appreciate any insights you may have to share.
There is no reason for any such change in a default Tomcat installation.
All I can suggest is that you review the Tomcat instance and the
deployed web applications for any <WatchedResource> elements that refer
to the TLS certificate. I can't think of any other reason for the web
application to be redeployed.
Is there anything in the logs? Anything that updates the war-tracker
file should also create at least one log message.
Mark
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
