"Bill Harrelson" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] > I apologize for the repost, but I need to solve this problem pretty quickly, and I worry > that with the volume on this list, anything unanswered for two days is lost. > > This is a question that I can't find the answer to anywhere: > > If I add a certifcate to my keystore, will Tomcat see it immediately (or soon) or > do I have to bounce Tomcat to get it to reload it's internal keystore instance? >
Tomcat hands off all of the keystore management to your vendor's JSSE implementation, so there really isn't a one-size-fits-all answer. You'll have to ask your vendor if they cache certs, and/or if they re-load the cache. The only safe answer that will work always is to bounce Tomcat. > If I have to bounce Tomcat, is there any programmatic way to make > Tomcat reload its keystore or a way for some external program to tell it to bounce > itself? > In theory, you could use JMX to stop and start the Connector. Never tried it myself. > Thanks in advance, > > Bill --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
