This is why we set up SSL through the web server instead of tomcat. Apache webserver -> SSL -> Mod_jk <-> Tomcat
John Larsen On Sat, Dec 26, 2020 at 10:43 AM Jerry Malcolm <techst...@malcolms.com> wrote: > We have a production environment where we rarely reboot Tomcat. > LetsEncrypt auto-updates the certificates every couple of months. But > the new certificates are not loaded into Tomcat. So when the original > expiration date of the certs arrives, users get "certificate expired" > even though new certs exist. A simple reboot to load the new certs > fixes it. But we want to avoid reboots. Are there any config > parameters that tell TC to check for cert updates and reload the new > certs? Thx > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > >