-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Chris,

On 8/24/17 4:03 PM, Chris Cheshire wrote:
> Cheers :)
> 
> On Thu, Aug 24, 2017 at 3:35 PM, Mark Thomas <ma...@apache.org>
> wrote:
> 
>> On 24/08/17 19:50, Chris Cheshire wrote:
>>> Currently I am using httpd to handle SSL (because my certs are
>>> generated via LE) with all content being passed off to Tomcat 7
>>> (investigating 8.5 upgrade).
>>> 
>>> I had a poke around on the archives and found mention of a talk
>>> on it in
>> a
>>> conference in Miami.
>>> 
>>> http://tomcat.10.x6.nabble.com/Dynamic-reloading-of-SSL-
>> certificates-tt5059619.html#a5059673
>>> 
>>> Did this happen? I looked in the Tomcat youtube channel and
>>> found a
>> handful
>>> of videos from there, but nothing on LE. Is it something that
>>> is still in the "we'd like to find time to do it, but don't
>>> know who or when" phase,
>> or
>>> something that is being worked on for Tomcat 9?
>> 
>> We only had video for the final day in Miami. But we have audio
>> for the others.
>> 
>> http://tomcat.apache.org/presentations.html

There are two items here:

1. Can Tomcat be configured and scripted for LE (pretty easy)
2. Tomcat can (with caveats) reload the certificate store

I have not made any progress on #2. The Tomcat/LE presentation in the
above link mentions we'll be trying to implement seamless reloading,
but it's not done, yet. The presentation shows you how to reload it in
a potentially disruptive way (because the connector is stopped and
re-started, killing any in-flight requests).

So it's not great, but it IS possible.

- -chris
-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQIcBAEBCAAGBQJZnzcTAAoJEBzwKT+lPKRYfWYQALNPjuHyvxRFXucEfRAWiPNH
XhLlu5cA2l0Cc5ZrvgwWbws4Ljyg7OSaE3xPI3hUSL6k4PT92KQpNnq7zJXNVOqc
zr/vD51KpvXxWJMJKIN2xWvGqdTLY2PsMPIn3LvG+QwC11iD4c+EC0dsMyDJR58/
wd5twkH8Hx+ucGugodkC7uVlgAr5K7xdmRGVBiUgACIzBEfuwyi/CsaQG6fzWPWa
KVUDxcpgP1lIe3k+8EbuD2lEwtaH8wprLr9J58bjclrbB+XNwP/hmJgLQUnG4rkp
s824HwNbn+zVE8rTPOQHgh51nhC0lFgo+QCrIKffE7Z6IkIKpTlugrCoA3TO6l4p
pQOC72FcDP2vR0oNTT7CipCcvNEqqTnANuowAV6EK3ObFGtdwYI7LSJ4heVBRqet
8AJCiGXypw84SDVFOOC479vZjzMtIAQUgr0kTTIck/TTp/Rd7Y9Qgf+BqxOFw4oL
dcOp1Ndx8aYEuX8SON2BSw/Il79v5CH/p9f4IkC7untScu2piI65GmFCXUqKA46h
kVpIF+7hCz88A4B/XQOMyUuhW5uiAb/OXxWWgSkxlyU9QaVwe3gNy5Nzka+RfMB1
W9Z3C8nsjz3O3D/GNPyqLdFn3QsCTq6U4Tu0XraJLe/jGMjzmkzva7Zhie2PXEyl
6u06+djW9i8p9OmO5GEo
=ZQlB
-----END PGP SIGNATURE-----

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Reply via email to