Re: [tomcat] branch main updated: BZ 67667: TLSCertificateReloadListener prints unreadable rendering of X509Certificate#getNotAfter()
Michael, On 10/12/23 07:56, Michael Osipov wrote: On 2023/10/12 11:46:55 Christopher Schultz wrote: Michael, On 10/12/23 06:13, micha...@apache.org wrote: This is an automated email from the ASF dual-hosted git repository. michaelo pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/main by this push: new 69143e32da BZ 67667: TLSCertificateReloadListener prints unreadable rendering of X509Certificate#getNotAfter() I'm not sure it's worth keeping the SimpleDateFormat object around after this log statement. Consider discarding it. I thought about it before, I decided not to: * The listener runs in server scope, so it is always present for the lifetime of the JVM * The listener runs periodic task which require to create the SDF over and over again instead of sharing it per instance WDYT? I forgot it runs periodically :) Honestly, it probably doesn't matter much either way. It's not an object that will be user frequently, so holding onto it doesn't matter. But it also doesn't take up very much memory, so sure you can leave it. -chris - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: [tomcat] branch main updated: BZ 67667: TLSCertificateReloadListener prints unreadable rendering of X509Certificate#getNotAfter()
On 2023/10/12 11:46:55 Christopher Schultz wrote: > Michael, > > On 10/12/23 06:13, micha...@apache.org wrote: > > This is an automated email from the ASF dual-hosted git repository. > > > > michaelo pushed a commit to branch main > > in repository https://gitbox.apache.org/repos/asf/tomcat.git > > > > > > The following commit(s) were added to refs/heads/main by this push: > > new 69143e32da BZ 67667: TLSCertificateReloadListener prints > > unreadable rendering of X509Certificate#getNotAfter() > > I'm not sure it's worth keeping the SimpleDateFormat object around after > this log statement. Consider discarding it. I thought about it before, I decided not to: * The listener runs in server scope, so it is always present for the lifetime of the JVM * The listener runs periodic task which require to create the SDF over and over again instead of sharing it per instance WDYT? - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: [tomcat] branch main updated: BZ 67667: TLSCertificateReloadListener prints unreadable rendering of X509Certificate#getNotAfter()
Michael, On 10/12/23 06:13, micha...@apache.org wrote: This is an automated email from the ASF dual-hosted git repository. michaelo pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/main by this push: new 69143e32da BZ 67667: TLSCertificateReloadListener prints unreadable rendering of X509Certificate#getNotAfter() I'm not sure it's worth keeping the SimpleDateFormat object around after this log statement. Consider discarding it. -chris 69143e32da is described below commit 69143e32da1b51c9f2c08e280f9133175f5b8dc1 Author: Michael Osipov AuthorDate: Thu Oct 12 12:09:02 2023 +0200 BZ 67667: TLSCertificateReloadListener prints unreadable rendering of X509Certificate#getNotAfter() --- .../apache/catalina/security/TLSCertificateReloadListener.java| 4 +++- webapps/docs/changelog.xml| 8 2 files changed, 11 insertions(+), 1 deletion(-) diff --git a/java/org/apache/catalina/security/TLSCertificateReloadListener.java b/java/org/apache/catalina/security/TLSCertificateReloadListener.java index 0596732575..3db6e286c3 100644 --- a/java/org/apache/catalina/security/TLSCertificateReloadListener.java +++ b/java/org/apache/catalina/security/TLSCertificateReloadListener.java @@ -17,6 +17,7 @@ package org.apache.catalina.security; import java.security.cert.X509Certificate; +import java.text.SimpleDateFormat; import java.util.Calendar; import java.util.Set; @@ -45,6 +46,7 @@ public class TLSCertificateReloadListener implements LifecycleListener { private static final Log log = LogFactory.getLog(TLSCertificateReloadListener.class); private static final StringManager sm = StringManager.getManager(TLSCertificateReloadListener.class); +private final SimpleDateFormat dateFormat = new SimpleDateFormat("-MM-dd'T'HH:mm:ssXXX"); // Configuration private int checkPeriod = 24 * 60 * 60; @@ -160,7 +162,7 @@ public class TLSCertificateReloadListener implements LifecycleListener { log.warn(sm.getString("tlsCertRenewalListener.notRenewed", connector, sslHostConfig.getHostName(), expiringCertificate.getSubjectX500Principal().getName(), - expiringCertificate.getNotAfter())); + dateFormat.format(expiringCertificate.getNotAfter(; } } } catch (IllegalArgumentException iae) { diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml index 09b0227b59..faf938bb4a 100644 --- a/webapps/docs/changelog.xml +++ b/webapps/docs/changelog.xml @@ -105,6 +105,14 @@ issues do not "pop up" wrt. others). --> + + + +67667: TLSCertificateReloadListener prints unreadable +rendering of X509Certificate#getNotAfter(). (michaelo) + + + - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch main updated: BZ 67667: TLSCertificateReloadListener prints unreadable rendering of X509Certificate#getNotAfter()
This is an automated email from the ASF dual-hosted git repository. michaelo pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/main by this push: new 69143e32da BZ 67667: TLSCertificateReloadListener prints unreadable rendering of X509Certificate#getNotAfter() 69143e32da is described below commit 69143e32da1b51c9f2c08e280f9133175f5b8dc1 Author: Michael Osipov AuthorDate: Thu Oct 12 12:09:02 2023 +0200 BZ 67667: TLSCertificateReloadListener prints unreadable rendering of X509Certificate#getNotAfter() --- .../apache/catalina/security/TLSCertificateReloadListener.java| 4 +++- webapps/docs/changelog.xml| 8 2 files changed, 11 insertions(+), 1 deletion(-) diff --git a/java/org/apache/catalina/security/TLSCertificateReloadListener.java b/java/org/apache/catalina/security/TLSCertificateReloadListener.java index 0596732575..3db6e286c3 100644 --- a/java/org/apache/catalina/security/TLSCertificateReloadListener.java +++ b/java/org/apache/catalina/security/TLSCertificateReloadListener.java @@ -17,6 +17,7 @@ package org.apache.catalina.security; import java.security.cert.X509Certificate; +import java.text.SimpleDateFormat; import java.util.Calendar; import java.util.Set; @@ -45,6 +46,7 @@ public class TLSCertificateReloadListener implements LifecycleListener { private static final Log log = LogFactory.getLog(TLSCertificateReloadListener.class); private static final StringManager sm = StringManager.getManager(TLSCertificateReloadListener.class); +private final SimpleDateFormat dateFormat = new SimpleDateFormat("-MM-dd'T'HH:mm:ssXXX"); // Configuration private int checkPeriod = 24 * 60 * 60; @@ -160,7 +162,7 @@ public class TLSCertificateReloadListener implements LifecycleListener { log.warn(sm.getString("tlsCertRenewalListener.notRenewed", connector, sslHostConfig.getHostName(), expiringCertificate.getSubjectX500Principal().getName(), - expiringCertificate.getNotAfter())); + dateFormat.format(expiringCertificate.getNotAfter(; } } } catch (IllegalArgumentException iae) { diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml index 09b0227b59..faf938bb4a 100644 --- a/webapps/docs/changelog.xml +++ b/webapps/docs/changelog.xml @@ -105,6 +105,14 @@ issues do not "pop up" wrt. others). --> + + + +67667: TLSCertificateReloadListener prints unreadable +rendering of X509Certificate#getNotAfter(). (michaelo) + + + - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org