Skip to main content

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
Re: [jetty-users] Updating SSL keystore

On 08/02/2017 12:21, Simone Bordet wrote:
You have to detail what you're doing, as it's not clear.

Are you starting Jetty as a standalone server, and you want to add a
component to the server that reads the keystore path ?
Are you starting Jetty using embedded code ?

It's not embedded; I start it using start.jar and all the standard XML config. I have a ServletContextListener that spins off a couple of background threads, and now it also starts another thread to monitor the keystore file, which basically looks like this:

  public void run () {
    SslContextFactory s = new SslContextFactory();
    keystoreFile = new File(s.getKeyStorePath());
    keystoreDate = keystoreFile.lastModified();
    while (!shutdown) {
      if (keystoreDate != keystoreFile.lastModified()) {
      try {
    	s.reload(scf -> {});
	keystoreDate = keystoreFile.lastModified();
	context.log("Keystore monitor: Keystore updated successfully");
      }
      catch (Exception e) {
	context.log("Keystore monitor: Keystore update failed:"
                    + stackTrace(e));
      }
      sleep (PERIOD);
    }
  }

(For the moment I'm assuming that I'm replacing the entire keystore file.)

Thanks,

--
John English


Back to the top