[
https://issues.apache.org/jira/browse/JAMES-3906?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17719179#comment-17719179
]
Karsten Otto commented on JAMES-3906:
-------------------------------------
Java Security is not really designed to do hot reloading of crypto material.
Normally you set it up once on application start and stick with it.
Consequently, making hot reloading work is quite a bit of pain. You basically
have to implement your own X509KeyManager for this, and possibly your own
security provider. Messing with the internals of Java Security is ... not fun.
On the other hand, if you need the service uptime, you will likely use the
distributed version of James anyway, i.e. a cluster of James instances behind a
load balancer. Then, you can easily do a rotating restart to update James
settings, including crypto material.
> Add hot reloading/updating witht restart of the certificate
> -----------------------------------------------------------
>
> Key: JAMES-3906
> URL: https://issues.apache.org/jira/browse/JAMES-3906
> Project: James Server
> Issue Type: New Feature
> Reporter: Wojtek
> Priority: Minor
>
> It would be great to be able to update the certificate without restarting the
> server, reloading the certificate from the file and/or updating it via REST
> API
>
> Mailing list thread:
> https://www.mail-archive.com/server-dev@james.apache.org/msg73127.html
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: server-dev-unsubscr...@james.apache.org
For additional commands, e-mail: server-dev-h...@james.apache.org
