Hello, in order to improve management of our servers I would like to
implement the ability to timely reload Tomcat TLS configuration so as to
make Tomcat aware of renewed certificates.
I have seen that in the manager web application I can reload TLS
configuration with the Re Read button in the Re-read TLS configuration
files section.
Reading documentation at
https://tomcat.apache.org/tomcat-8.5-doc/manager-howto.html#Reload_TLS_configuration
I have seen that it doesn't parse server.xml, so I guess this function
is not going to load new certificates if an SSLHostConfig is added to
server.xml. Right?
So my questions are:
1) Has anyone tried to write something callable outside Tomcat to induce
it to reload certificates starting from the code in
ManagerServlet.java.sslReload method?
2) if no one is aware of such a try, I guess that the shortest path
would be to not reimplement the whole process but write a script that calls
http://localhost:8080/manager/text/sslReload?tlsHostName=name
Am I right? Better suggestions?
3) However, if this is not going to load new certificates, it would solve
only (a certainly big) part of my problem. Is there any suggestion or
starting point to implement also this feature?
TIA in advance
--
Archimede Informatica processes personal data in accordance with
EU Regulation no. 2016/679 (GDPR) and Legislative Decree no. 196 of
30 June 2003, as amended by Legislative Decree no. 101 of 10 August 2018.
Full privacy notice
<http://www.archicoop.it/fileadmin/pdf/InformativaTrattamentoDatiPersonali.pdf>
dott. Ivano Mario Luberti
Archimede Informatica società cooperativa a r. l.
Via Gereschi 36, 56127 Pisa
tel.: +39 050/580959 | fax: +39 050/8932061
web: www.archicoop.it
linkedin: www.linkedin.com/in/ivanoluberti
facebook: www.facebook.com/archimedeinformaticapisa/
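
The script approach from question 2, sketched as a post-renewal hook. This is an added example, not code from the original message or from Tomcat. It calls the sslReload URL quoted above, then checks that the connector really serves the certificate now on disk. The environment variable names, the argument order and the default port 8443 are assumptions.

```python
import base64, hashlib, os, ssl, sys
import urllib.error, urllib.parse, urllib.request

MANAGER = "http://localhost:8080/manager/text"  # URL from the post; loopback only


def build_request(user, password, tls_host_name=None):
    """sslReload request; omitting tlsHostName reloads the files for all hosts."""
    url = MANAGER + "/sslReload"
    if tls_host_name:
        url += "?" + urllib.parse.urlencode({"tlsHostName": tls_host_name})
    token = base64.b64encode(f"{user}:{password}".encode()).decode()
    return urllib.request.Request(url, headers={"Authorization": "Basic " + token})


def reload_succeeded(body):
    """Text-manager replies start with 'OK' on success and 'FAIL' on error."""
    return body.lstrip().startswith("OK")


def fingerprint(pem):
    """SHA-256 of the first certificate in a PEM string (the leaf of a chain file)."""
    end = "-----END CERTIFICATE-----"
    first = pem[pem.index("-----BEGIN CERTIFICATE-----"):pem.index(end) + len(end)]
    return hashlib.sha256(ssl.PEM_cert_to_DER_cert(first)).hexdigest()


def main():
    # Assumed names: credentials of a user that holds the manager-script role,
    # taken from the environment so they do not show up in the process list.
    user, password = os.environ["TOMCAT_MGR_USER"], os.environ["TOMCAT_MGR_PASS"]
    cert_file, tls_host = sys.argv[1], sys.argv[2]  # renewed PEM, connector host
    tls_port = int(sys.argv[3]) if len(sys.argv) > 3 else 8443  # assumed TLS port
    try:
        with urllib.request.urlopen(build_request(user, password), timeout=10) as r:
            body = r.read().decode("utf-8", "replace")
    except urllib.error.HTTPError as exc:  # 401/403: bad credentials or missing role
        sys.exit(f"manager refused the request: HTTP {exc.code}")
    except OSError as exc:  # connection refused, timeout, ...
        sys.exit(f"manager not reachable: {exc}")
    if not reload_succeeded(body):
        sys.exit(f"reload failed: {body.strip()}")
    # Do not trust the OK alone: compare what is served with what is on disk.
    with open(cert_file) as fh:
        on_disk = fingerprint(fh.read())
    if fingerprint(ssl.get_server_certificate((tls_host, tls_port))) != on_disk:
        sys.exit("reload reported OK but the served certificate is not the one on disk")
    print("TLS configuration reloaded; served certificate matches", cert_file)


if __name__ == "__main__":
    main()
```

The final comparison fails if the renewed certificate was written to a path that the running connector does not read.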