https://bz.apache.org/bugzilla/show_bug.cgi?id=65770
--- Comment #12 from Michael Osipov <micha...@apache.org> --- (In reply to Mark Thomas from comment #8) > I've been discussing this with the users recently and came up with the > following approach. > > - Lifecycle listener that ships with Tomcat > - Every X minutes (driven by background process but customisable so checks > don't happen every time the background process runs) > - Checks expiry time of each cert. > - For each cert with less than Y days reload TLS config > - If cert still has less than Y days remaining, log a warning > > This listener would be disabled by default but available as part of the > standard Tomcat distribution. Maybe this listener should receive a reload interface will will decide whether the file needs to be reloaded or not? We can provide a default impl, but others can implement their logic?! -- You are receiving this mail because: You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org