[
Date Prev][
Date Next][
Thread Prev][
Thread Next][
Date Index][
Thread Index]
[
List Home]
[jetty-users] regd. loading certificate from truststore without restarting jetty or loosing sslSocket
|
Hi,
I need to do ssl client-auth kind of use case using jetty.
The
client will be sending their certificate and I'll be registering them
in a truststore and then the client can make new requests using the
certificate.
I have been able to implement everything but the problem is that
after registering the certificate I have to restart jetty for that
certificate to be loaded in.
I don't want to restart jetty every
time so I wrote some JMX code to restart the SslSocketConnector only.
But now the trouble is that the original connection drops after the
SslSocketConnector is restarted. If the connection drops then I can't
send a response back to the client whose certificate I have just
registered.
Is there a way to read in certificates from the truuststore without restarting jetty?
The way I restart SslSocketConnector using JMX is as under:
public void refreshTrustStore() throws Exception {
System.out.println("In refreshTrustStore");
try{
MBeanServer mBeanServer = ManagementFactory.
getPlatformMBeanServer();
Set names = mBeanServer.queryNames(new ObjectName("*:*"), null);
Iterator it=names.iterator();
while( it.hasNext()) {
ObjectName _oname_= (ObjectName)it.next();
MBeanInfo minfo = mBeanServer.getMBeanInfo(oname);
if (minfo.getClassName().equals("org.mortbay.jetty.security.SslSocketConnector")) {
System.out.println("found ssl socket connector... will try to restart it");
System.out.println("Restarting SSL Connector on port ");
Object params[] = {};
String signature[] = {};
;
/**
* Stop and restart the connector to get it to re-read the certificate trustfile
*/
mBeanServer.invoke(oname, "stop", params, signature);
mBeanServer.invoke(oname, "start", params, signature);
}
}
}
catch (Exception e) {
System.out.println("Did not restart SSL Connector: " + e);
e.printStackTrace();
throw e;
}
}
Any help will be greatly appreciated.
Thanks & Regards,
Manu