-
Notifications
You must be signed in to change notification settings - Fork 1.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Automatically hot-reload SSL certificates if keystore file changed #5019
Comments
We should:
|
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
…tart.jar Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
FTR, we decided that #1826 is orthogonal and more complicated to implement, so for now we only "watch" |
Issue #5019 - hot-reload SSL certificates if keystore file changed
PR #5042 adds the |
Hi, When I am checking using the curl Please find the code and suggest me if any.
|
Note: Jetty 9.x is at End of Community Support as of June 2022 You should be using Jetty 10, Jetty 11, or Jetty 12 at this point in time. Also note that Jetty 10 and Jetty 11 has started it's Sunsetting and will be at End of Community Support in January 2025 |
With LetsEncrypt providing short-duration certificates, it is useful to be able to hot-reload the keystore using the
sslContextFactory.reload
method. ( See #918 )However, in non-embedded situations (i.e. Jetty started using
java start.jar
), it requires the creation of a custom module and a jar file that will include the fairly straightforward code that will trigger the reload.Please consider automatically reloading the keystore, or providing an option in ssl.ini to do so.
In embedded Jetty, that would be done like this:
(The FileWatcher source is here: https://gist.github.com/danielflower/f54c2fe42d32356301c68860a4ab21ed)
The text was updated successfully, but these errors were encountered: