[ https://issues.apache.org/jira/browse/DIRSERVER-1373?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12716631#action_12716631 ]

Stefan Seelmann commented on DIRSERVER-1373:
--------------------------------------------

Thanks Kiran for the patch. It seems to work, I'll continue to play with it, as 
I want to add some more certificate tests to studio.

I only have a minor problem running the server's integration tests. I think the 
cause is that a previous test injected a new certificate and a later test 
expects the previous certificate. I solved it by calling 
ldapService.reloadSslContext() in the @Before method.

In the end it would be cool to reload the SSL context automatically when the 
certificate of uid=admin,ou=system gets updated. However, when using the 
changeLog feature (i.e. in integration tests) the DirectoryService.revert() 
operation must make sure to reload the SSL context if the certificate is 
updated.

And a last question: What happens to established SSL or StartTLS sessions when 
calling reloadSslContext? Are they killed or do they continue to use the old 
certificate?

> Update of server certificate in uid=admin,ou=system only takes effect after 
> restart
> -----------------------------------------------------------------------------------
>
>                 Key: DIRSERVER-1373
>                 URL: https://issues.apache.org/jira/browse/DIRSERVER-1373
>             Project: Directory ApacheDS
>          Issue Type: Bug
>          Components: ldap
>    Affects Versions: 1.5.4
>            Reporter: Stefan Seelmann
>             Fix For: 1.5.5
>
>         Attachments: DIRSERVER-1373-testcases-UPDATED.patch, 
> DIRSEVER-1373-Testcases.patch
>
>
> When I update the privateKey, publicKey and userCertificate in 
> uid=admin,ou=system and start a new StartTLS session, the server still uses 
> the old certificate. After a restart the server uses the new certificate.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
