"Michael Rooz" <[email protected]> wrote in message news:[email protected]...
> Hi,
>
> I've successfully configured Tomcat to use Client Authentication. Evidently
> for Tomcat to reflect updates made to the truststore, it needs to be
> restarted.
>
> How can I get Tomcat to reload its truststore without performing a restart?
>
Well, you can stop and start the Connector (e.g. via JMX). But Tomcat will never re-load the truststore while the Connector is running on its own. Of course, if you are using a dynamic truststore (e.g. card-based), then this shouldn't be a problem. In general, it is very rare that you need to update the truststore, since it just contains the trusted CA certs. Adding a user from a trusted CA doesn't require an update, since the user's cert will be accepted at the SSL layer.

>
> If this requires writing a custom connector that would for example
> reinitialize the SSLContext, where can I find some documentation that can
> be of some help/guidance?
>

Not sure if this can be done from the APR Connector, but for the Java Connectors you need to create your own SSLImplementation (from o.a.t.u.net) and configure it with sSSImplementation="com.myfirm.mypackage.MySSLImplementation" on the <Connector .../> element. There is some information in the archives for this list, but otherwise the Tomcat JavaDocs and/or source code.

>
> Thanks,
>
> -MIke
>
