-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mark,
On 2/18/16 5:15 PM, Mark Thomas wrote: > On 18/02/2016 22:03, James H. H. Lampert wrote: >> Out of morbid curiosity, is there a way to make a certificate >> update take effect without restarting Tomcat? > > Sort of. > > Set bindOnInit on the connector to false. > > Modify the config via JMX. > > Then you should be able to use JMX to call stop() followed by > start() on the TLS connector which should re-initialise the TLS > settings from the in-memory config. Theoretically, this should also allow re-loading of a CRL, right? I keep meaning to write an auto-reloading CRL component for Tomcat, but I haven't gotten around to doing it, yet. :( - -chris -----BEGIN PGP SIGNATURE----- Comment: GPGTools - http://gpgtools.org Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iEYEARECAAYFAlbHM4AACgkQ9CaO5/Lv0PBv8QCgrMC9QaSKDQIszBI0ZCMC3oMw 9IAAnRZT2ypQEqBAlG9HWp8/tS3LK+Ok =cH+n -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org