On Tue, Dec 29, 2020 at 3:18 AM Christopher Schultz < ch...@christopherschultz.net> wrote:
> > Honestly, I thought that reloadAfterNDays param to server.xml would be > > better, but admins didn't have an understanding on this topic. > > Don't be a jerk. We understand it. We are just saying that we want it > built in stages. If you want radical changes, you'll need to work on a > server without a decades-long history of being stable and reliable. > Well, one thing is certainly correct here - that Tomcat at least in 2016 wasn't working properly on my server, Numbeo.com. The problem was noticed in the past few months and the update to 9.0.47 solved the issue, so indeed Tomcat doesn't have a stable and reliable history. I haven't complained about it although. Regarding me being the jerk, I haven't seen regarding reloadAfterNDays param that any project maintainer said something like: "I think that's a good idea. If you create that code, I'll review it". So from my point of view, there wasn't understanding. It looked that Romain and you want a full ACME client without dependencies so that Tomcat could run in containers with SSL, while it's a valid idea, it seems I wouldn't be the one building that. There are a few reasons, i.e. I have "newbie Tomcat devs problems", and I'm not so motivated to work on a feature that makes more sense for big corporations rather than a single small developers. To note even my question to explain to add Class javadoc for LifecycleMBeanBase stayed unanswered so far in dev list, to my surprise. Back in 2007, I was good enough so that Google picked me to develop the software for them, I left to start my own business two years later, but I have a history of not being a good team player, seeing the same things differently than other people, and also I don't have a history of contributing to open-source projects (unless started by myself), so perhaps, at the end of the day, I'm not the good fit for Tomcat dev. Anyway, as it looks now, I'll unsubscribe soon from the Tomcat dev email list as it looks to me that I didn't fit. > > Thanks, > -chris > > > On Sat, Dec 26, 2020 at 6:49 PM Jerry Malcolm <techst...@malcolms.com> > > wrote: > > > >> We have a production environment where we rarely reboot Tomcat. > >> LetsEncrypt auto-updates the certificates every couple of months. But > >> the new certificates are not loaded into Tomcat. So when the original > >> expiration date of the certs arrives, users get "certificate expired" > >> even though new certs exist. A simple reboot to load the new certs > >> fixes it. But we want to avoid reboots. Are there any config > >> parameters that tell TC to check for cert updates and reload the new > >> certs? Thx > >> > >> > >> --------------------------------------------------------------------- > >> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > >> For additional commands, e-mail: users-h...@tomcat.apache.org > >> > >> > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > >
