This is an automated email from the ASF dual-hosted git repository. btellier pushed a commit to branch 3.8.x in repository https://gitbox.apache.org/repos/asf/james-project.git
commit 50aff7b1890a31e91fe6aabdb51841e4c97381b5 Author: Benoit Tellier <btell...@linagora.com> AuthorDate: Fri May 26 09:37:09 2023 +0700 JAMES-3906 Documentation --- .../AbstractSSLAwareChannelPipelineFactory.java | 3 ++- .../docs/modules/ROOT/pages/operate/webadmin.adoc | 23 ++++++++++++++++++++++ src/site/markdown/server/manage-webadmin.md | 23 ++++++++++++++++++++++ 3 files changed, 48 insertions(+), 1 deletion(-) diff --git a/protocols/netty/src/main/java/org/apache/james/protocols/netty/AbstractSSLAwareChannelPipelineFactory.java b/protocols/netty/src/main/java/org/apache/james/protocols/netty/AbstractSSLAwareChannelPipelineFactory.java index dc7e4330a4..c04acb83f1 100644 --- a/protocols/netty/src/main/java/org/apache/james/protocols/netty/AbstractSSLAwareChannelPipelineFactory.java +++ b/protocols/netty/src/main/java/org/apache/james/protocols/netty/AbstractSSLAwareChannelPipelineFactory.java @@ -68,6 +68,7 @@ public abstract class AbstractSSLAwareChannelPipelineFactory<C extends SocketCha * Return if the socket is using SSL/TLS */ protected boolean isSSLSocket() { - return secure != null && secure.get().supportsEncryption() && !secure.get().isStartTLS(); + Encryption encryption = secure.get(); + return encryption != null && encryption.supportsEncryption() && !encryption.isStartTLS(); } } diff --git a/server/apps/distributed-app/docs/modules/ROOT/pages/operate/webadmin.adoc b/server/apps/distributed-app/docs/modules/ROOT/pages/operate/webadmin.adoc index bf37c8343f..2449073d27 100644 --- a/server/apps/distributed-app/docs/modules/ROOT/pages/operate/webadmin.adoc +++ b/server/apps/distributed-app/docs/modules/ROOT/pages/operate/webadmin.adoc @@ -4819,3 +4819,26 @@ This is an example of returned body. "targetsContent": false } .... + +== Reloading server certificates + +Certificates for TCP based protocols (IMAP, SMTP, POP3, LMTP and ManageSieve) can be updated at +runtime, without service interuption and without closing existing connections. + +In order to do so: + + - Generate / retrieve your cryptographic materials and replace the ones specified in James configuration. + - Then call the following endpoint: + +.... +curl -XPOST http://ip:port/servers?reload-certificate +.... + +Optional query parameters: + + - `port`: positive integer (valid port number). Only reload certificates for the specific port. + +Return code: + + - 204: the certificate is reloaded + - 400: Invalid request. \ No newline at end of file diff --git a/src/site/markdown/server/manage-webadmin.md b/src/site/markdown/server/manage-webadmin.md index 4f59df86d3..f091d3c0a3 100644 --- a/src/site/markdown/server/manage-webadmin.md +++ b/src/site/markdown/server/manage-webadmin.md @@ -4514,3 +4514,26 @@ Response codes : - 201: the taskId of the created task - 400: Invalid action argument for performing operation on mappings data + +## Reloading server certificates + +Certificates for TCP based protocols (IMAP, SMTP, POP3, LMTP and ManageSieve) can be updated at +runtime, without service interuption and without closing existing connections. + +In order to do so: + + - Generate / retrieve your cryptographic materials and replace the ones specified in James configuration. + - Then call the following endpoint: + +``` +curl -XPOST http://ip:port/servers?reload-certificate +``` + +Optional query parameters: + + - `port`: positive integer (valid port number). Only reload certificates for the specific port. + +Return code: + + - 204: the certificate is reloaded + - 400: Invalid request. \ No newline at end of file --------------------------------------------------------------------- To unsubscribe, e-mail: notifications-unsubscr...@james.apache.org For additional commands, e-mail: notifications-h...@james.apache.org