Thanks Remy. -----Original Message----- From: Rémy Maucherat <r...@apache.org> Sent: Monday, July 21, 2025 2:54 PM To: Tomcat Users List <users@tomcat.apache.org> Subject: Re: Apache Tomcat 11 TLSCertificateReloadListener
On Mon, Jul 21, 2025 at 11:15 AM S Abirami <s.abir...@ericsson.com.invalid> wrote: > > > Hi All, > > We are looking for listener to monitor if it's a new certificate or an > updated one in the certificate and perform SSL reload. In Tomcat 11.0.9, we > noticed a listener class and the tomcat document says that it only monitors > the expiry date if certificate and trigger an event which can be used to > reload the SSL configuration. > The listener will reload an existing TLS certificate when it gets close to expiration. ANother process will need to replace the existing certificate file with an updated one. By default, the checks start 14 days before expiration, and it checks once a day. There is normally no need to reload a certificate that is not expired, it stays in memory and it is fine. You can safely update the file during that time. This is not a "do everything automagically" listener. I don't think such a thing is a very good idea, usually you want to know for sure what is going on with this sort of functionality. Rémy > In Chatgpt, it provides information that it also monitors if it's a new > certificate or an updated one in the certificate. > > Please let us know chatgpt shared information is right (or) wrong. > > Regards, > Abirami.S --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
