Re: Recognizing Certificate Updates

2020-12-29 Thread Mladen Adamović
Hi Christopher, if I manage to write code that I think would help others regarding Letsencrypt/SSL issues, I'll send it to you. In the meantime these instructions sent by Peter sound good enough: curl -u " https://localhost:8443/manager/jmxproxy?invoke=Catalina:type=ProtocolHandler,port=8443&

Re: Recognizing Certificate Updates

2020-12-29 Thread Christopher Schultz
Mladen,

On 12/29/20 03:46, Mladen Adamović wrote:
> On Tue, Dec 29, 2020 at 3:18 AM Christopher Schultz < ch...@christopherschultz.net> wrote:
> > > Honestly, I thought that reloadAfterNDays param to server.xml would be better, but admins didn't have an understanding on this topic.
> >
> > Don't be a jerk.

Re: Recognizing Certificate Updates

2020-12-29 Thread Mladen Adamović
On Tue, Dec 29, 2020 at 3:18 AM Christopher Schultz < ch...@christopherschultz.net> wrote:
> > Honestly, I thought that reloadAfterNDays param to server.xml would be
> > better, but admins didn't have an understanding on this topic.
>
> Don't be a jerk. We understand it. We are just saying that we

Re: Recognizing Certificate Updates

2020-12-28 Thread Christopher Schultz
Jerry,

On 12/28/20 13:56, Jerry Malcolm wrote:
> Thanks for the info. I'll try to figure out a way to integrate this. The problem is that I don't really know when the certs get regen'd. I have a daily cron job that calls certbot to renew. But it only renews when it decides it's time to renew.

Re: Recognizing Certificate Updates

2020-12-28 Thread Christopher Schultz
Mladen,

On 12/26/20 13:25, Mladen Adamović wrote:
> If you set up tomcat manager up, you can reload certificate with something like
> Stop Connector – curl http://localhost:8080/manager/jmxproxy?invoke=Catalina%3Atype%3DConnector%2Cport%3D8443&op=stop
> Start Connector – curl http://localhost:8080/ma

Re: Recognizing Certificate Updates

2020-12-28 Thread Jerry Malcolm
Thanks for the info.  I'll try to figure out a way to integrate this.  The problem is that I don't really know when the certs get regen'd.  I have a daily cron job that calls certbot to renew. But it only renews when it decides it's time to renew.  TC is so good about monitoring other folders f

Re: Recognizing Certificate Updates

2020-12-28 Thread logo
Jerry,

the quotes were messed up. See the correct command below inline.

> On 28.12.2020 at 11:10, logo wrote:
>
> Jerry,
>
> Try this after regenerating the LE certs
>
> curl -u
> "https://localhost:8443/manager/jmxproxy?invoke=Catalina:type=ProtocolHandler,port=8443&op=reloadSslHostConfi

Re: Recognizing Certificate Updates

2020-12-28 Thread logo
Jerry, Try this after regenerating the LE certs curl -u "https://localhost:8443/manager/jmxproxy?invoke=Catalina:type=ProtocolHandler,port=8443&op=reloadSslHostConfigs“ for all domains or curl -u "https://localhost:8443/manager/jmxproxy?invoke=Catalina:type=ProtocolHandler,port=8443&op=relo

Re: Recognizing Certificate Updates

2020-12-26 Thread Mladen Adamović
On Sat, Dec 26, 2020 at 6:46 PM John Larsen wrote:
> This is why we set up SSL through the web server instead of tomcat.
> Apache webserver -> SSL -> Mod_jk <-> Tomcat
>

It might be easier to install but performance-wise it doesn't make sense. If you care about performance, I think you should m

Re: Recognizing Certificate Updates

2020-12-26 Thread Mladen Adamović
If you set up tomcat manager up, you can reload certificate with something like
Stop Connector – curl http://localhost:8080/manager/jmxproxy?invoke=Catalina%3Atype%3DConnector%2Cport%3D8443&op=stop
Start Connector – curl http://localhost:8080/manager/jmxproxy?invoke=Catalina%3Atype%3DConnector%2C

Re: Recognizing Certificate Updates

2020-12-26 Thread John Larsen
This is why we set up SSL through the web server instead of tomcat.
Apache webserver -> SSL -> Mod_jk <-> Tomcat

John Larsen

On Sat, Dec 26, 2020 at 10:43 AM Jerry Malcolm wrote:
> We have a production environment where we rarely reboot Tomcat.
> LetsEncrypt auto-updates the certificates ever

Recognizing Certificate Updates

2020-12-26 Thread Jerry Malcolm
We have a production environment where we rarely reboot Tomcat. LetsEncrypt auto-updates the certificates every couple of months. But the new certificates are not loaded into Tomcat.  So when the original expiration date of the certs arrives, users get "certificate expired" even though new cert