Chris,
Peter Kreuser > Am 27.12.2019 um 21:14 schrieb Christopher Schultz > <ch...@christopherschultz.net>: > > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA256 > >> <snip> > but the idea is that certbot has "plug-ins" and we'd need to > supply a "tomcat" plug-in that did things like this. I'm not sure > where the best place to keep configuration would be. Someone who > understands certbot (or autobot, etc.) would be a better resource than m > e. > >>> Or did you think about a bin/version.sh type script? That would >>> get a +1 from me. > > What do you mean? Like you said something like tomcatctl graceful that you could just simply call from $CATALINA_BASE/bin. Maybe another option to catalina.sh that just calls the internals of tomcat. Restarting the whole tomcat with big webapps is simply not an option. > >>> What I don't like is, that one needs to add credentials in >>> tomcat-users.xml and expose the manager-interface. > You can use other authentication mechanisms... it's just that usually > nobody bothers since it's easy to configure tomcat-users.xml. Exposing > the manager interface is a bit of pain, but it can be scripted. Our > deployments install a proper tomcat-users.xml file and enable the > manager, locked-down to localhost connections. The way it is right now works. But it’s simply not for the regular admin. The frequent questions about the initial setup of the manager app and the clumsy jmx activation show that - in my opinion. (We’re not even talking about auth or ssl for jmx)! Peter > - -chris > -----BEGIN PGP SIGNATURE----- > Comment: Using GnuPG with Thunderbird - https://www.enigmail.net/ > > iQIzBAEBCAAdFiEEMmKgYcQvxMe7tcJcHPApP6U8pFgFAl4GZh8ACgkQHPApP6U8 > pFjw8hAAqpsfbF/25K9A8l6ZFLoLrO+9C7z+86i1KLI/91VMylTxe/9Im8+Id/jG > 4AOXOov5m8SvzBQIDnjnSbUrVAvZ9J36pzlH4FoAxDQoZY3DWmyGPPa7S56OKG0g > Ha3rS5QziBjV9XbSuCL+6hbt4VBLVY0aRT9dvkDahiN42j2cczc2AOi1GxSf1WbY > iIYO8c1yfJvF/4wo7lBE6WpLRJb3RVI9psRuDm/yaMGY/nBzzNbYvhgB+pM/m0dw > Ls+w2HC6X8dq+0jV33FH1MdEY6yroH2gapclLcaeJ1yB2uke2cvGo0/vi3MdzOYK > CndNSfQrXTeyawWcgj4DjQZy9koBeXfdDXC18cFOKLvceMmV6UG8jwSBSVDjhYml > Ut9W7+GPYn8fBej9I/PaLRB3VAS47pRjY6MjA+AEMZxdowyOiNpc6E5snP4N+J9u > s3wTL9gfPGIOrrIilSPD9eIIHGExZ5na3FxuVV1grGSOMAq8EoJRn9iCBjyrYwuF > JsKXtvG2e91r/pvSL/zTDufoZysVvf4aUrgnxA9kY8lp+3O6+3U/5FTLWWtc7Fcj > ljjb87yda57Zvb/KU95GBakDt8+3fbMMyhHeUAANWrSMPIN5astpacBdDRD5F1KH > HNW5QTmxG56D0yaM3/pKPpoFBMqojtCen6MO8ZVkSN9Qv4H3NKo= > =SHiE > -----END PGP SIGNATURE----- > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
