> On Mar 10, 2024, at 12:39, Jerry Lin <je...@lincircle.com> wrote: > > For those of us with a publicly accessible instance of Tomcat (e.g. not > behind Apache), is there a good way of having a renewed SSL/HTTPS > certificate take effect without restarting Tomcat?
Presumably, you mean “not behind https", since “Apache” refers to the organization that develops and maintains a plethora of software products. If you’re running on a supported version of Tomcat (you didn’t tell us what level you’re using), you can configure the TLS config listener: https://tomcat.apache.org/tomcat-10.1-doc/config/listeners.html#TLS_configuration_reload_listener_-_org.apache.catalina.security.TLSCertificateReloadListener https://tomcat.apache.org/tomcat-9.0-doc/config/listeners.html#TLS_configuration_reload_listener_-_org.apache.catalina.security.TLSCertificateReloadListener https://tomcat.apache.org/tomcat-8.5-doc/config/listeners.html#TLS_configuration_reload_listener_-_org.apache.catalina.security.TLSCertificateReloadListener - Chuck