On 26/10/2017 09:31, Johan Compagner wrote: > Hi, > > now with LetsCrypt its easy (and free) to get https up and running even if > you just use tomcat > But the problem is those certificate must be renewed every 3 months > This is easy to do in a crontab script (that does the renew and makes a > java keystore again) > So i can generate the pfx constantly just fine > > But does tomcat monitor that file for changes and will it then use the new > one without restarting the whole server?
Currently, no. We have just added the ability to 9.0.x and 8.5.x to reload the certificate file on the fly. It should be relatively easy to add a component that watches for changes to the cert file (or any of the other files) and trigger a reload as required. I suggest opening an enhancement request in Bugzilla. Whether it is a whole new component or just something that gets added to the existing back ground processing framework for an existing component is TBD. If you'd like to work on a patch to implement this, pop over to the dev list and we'll point you in the right direction. Mark --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org