This is an automated email from the ASF dual-hosted git repository.
btellier pushed a commit to branch 3.8.x
in repository https://gitbox.apache.org/repos/asf/james-project.git
commit 50aff7b1890a31e91fe6aabdb51841e4c97381b5
Author: Benoit Tellier <btell...@linagora.com>
AuthorDate: Fri May 26 09:37:09 2023 +0700
JAMES-3906 Documentation
---
.../AbstractSSLAwareChannelPipelineFactory.java | 3 ++-
.../docs/modules/ROOT/pages/operate/webadmin.adoc | 23 ++++++++++++++++++++++
src/site/markdown/server/manage-webadmin.md | 23 ++++++++++++++++++++++
3 files changed, 48 insertions(+), 1 deletion(-)
diff --git
a/protocols/netty/src/main/java/org/apache/james/protocols/netty/AbstractSSLAwareChannelPipelineFactory.java
b/protocols/netty/src/main/java/org/apache/james/protocols/netty/AbstractSSLAwareChannelPipelineFactory.java
index dc7e4330a4..c04acb83f1 100644
---
a/protocols/netty/src/main/java/org/apache/james/protocols/netty/AbstractSSLAwareChannelPipelineFactory.java
+++
b/protocols/netty/src/main/java/org/apache/james/protocols/netty/AbstractSSLAwareChannelPipelineFactory.java
@@ -68,6 +68,7 @@ public abstract class
AbstractSSLAwareChannelPipelineFactory<C extends SocketCha
* Return if the socket is using SSL/TLS
*/
protected boolean isSSLSocket() {
- return secure != null && secure.get().supportsEncryption() &&
!secure.get().isStartTLS();
+ Encryption encryption = secure.get();
+ return encryption != null && encryption.supportsEncryption() &&
!encryption.isStartTLS();
}
}
diff --git
a/server/apps/distributed-app/docs/modules/ROOT/pages/operate/webadmin.adoc
b/server/apps/distributed-app/docs/modules/ROOT/pages/operate/webadmin.adoc
index bf37c8343f..2449073d27 100644
--- a/server/apps/distributed-app/docs/modules/ROOT/pages/operate/webadmin.adoc
+++ b/server/apps/distributed-app/docs/modules/ROOT/pages/operate/webadmin.adoc
@@ -4819,3 +4819,26 @@ This is an example of returned body.
"targetsContent": false
}
....
+
+== Reloading server certificates
+
+Certificates for TCP based protocols (IMAP, SMTP, POP3, LMTP and ManageSieve)
can be updated at
+runtime, without service interuption and without closing existing connections.
+
+In order to do so:
+
+ - Generate / retrieve your cryptographic materials and replace the ones
specified in James configuration.
+ - Then call the following endpoint:
+
+....
+curl -XPOST http://ip:port/servers?reload-certificate
+....
+
+Optional query parameters:
+
+ - `port`: positive integer (valid port number). Only reload certificates for
the specific port.
+
+Return code:
+
+ - 204: the certificate is reloaded
+ - 400: Invalid request.
\ No newline at end of file
diff --git a/src/site/markdown/server/manage-webadmin.md
b/src/site/markdown/server/manage-webadmin.md
index 4f59df86d3..f091d3c0a3 100644
--- a/src/site/markdown/server/manage-webadmin.md
+++ b/src/site/markdown/server/manage-webadmin.md
@@ -4514,3 +4514,26 @@ Response codes :
- 201: the taskId of the created task
- 400: Invalid action argument for performing operation on mappings data
+
+## Reloading server certificates
+
+Certificates for TCP based protocols (IMAP, SMTP, POP3, LMTP and ManageSieve)
can be updated at
+runtime, without service interuption and without closing existing connections.
+
+In order to do so:
+
+ - Generate / retrieve your cryptographic materials and replace the ones
specified in James configuration.
+ - Then call the following endpoint:
+
+```
+curl -XPOST http://ip:port/servers?reload-certificate
+```
+
+Optional query parameters:
+
+ - `port`: positive integer (valid port number). Only reload certificates for
the specific port.
+
+Return code:
+
+ - 204: the certificate is reloaded
+ - 400: Invalid request.
\ No newline at end of file
---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscr...@james.apache.org
For additional commands, e-mail: notifications-h...@james.apache.org
