You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@tomcat.apache.org by Alonzo Wilson <al...@wmich.edu> on 2008/08/12 20:40:47 UTC

ssl certificate

After importing the signed certificate using 
 

keytool -import -alias tomcat1 -trustcacerts -file tsat.cer 
-keystore .keystore
 
is there a way to make the new certificate active besides stopping
and starting tomcat?
 
Thank you advance.

Re: ssl certificate

Posted by Mark Thomas <ma...@apache.org>.

Alonzo Wilson wrote:
> Thank you.  I look forward to having a tomcat restart command.  The
> stop and restart is considered downtime and requires documentation. 
> I'm hoping it will come in a future release.

Sorry, that is very unlikely to ever happen. You can restart a context
without dropping connections but you can't restart the server that way.

If you need that level of availability, look into a simple httpd Tomcat
cluster.

Mark

> 
>>>> Mark Thomas <ma...@apache.org> 8/14/2008 11:17 AM >>>
> Alonzo Wilson wrote:
>> Please explain.  How does adding a new connector restart tomcat
> and
>> activate the new ssl cert?
> 
> It doesn't.
> 
> In 4.1.30 you can use the admin app to add a connector and start
> it.
> 
> In 6.0.16 the admin app doesn't exist so JMX is your only option
> but this
> could be tricky so restarting Tomcat will be a lot simpler.
> 
> Mark
> 
>>>>> Mark Thomas <ma...@apache.org> 8/12/2008 5:05 PM >>>
>> Alonzo Wilson wrote:
>>> 4.1.30 and 6.0.16
>> 4.1.30 you should be able to use the admin app to add a new
>> connector. With 
>> 6.0.16 you might be able to use JMX. Restarting Tomcat will be
> far
>> easier.
>>
>> Mark
>>
>>
>>
>>
> ---------------------------------------------------------------------
>> To start a new topic, e-mail: users@tomcat.apache.org 
>> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org 
>> For additional commands, e-mail: users-help@tomcat.apache.org 
>>
>>
> 
> 
> 
> ---------------------------------------------------------------------
> To start a new topic, e-mail: users@tomcat.apache.org 
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org 
> For additional commands, e-mail: users-help@tomcat.apache.org 
> 
> 



---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org

Re: ssl certificate

Posted by Alonzo Wilson <al...@wmich.edu>.

Thank you.  I look forward to having a tomcat restart command.  The
stop and restart is considered downtime and requires documentation. 
I'm hoping it will come in a future release.

>>> Mark Thomas <ma...@apache.org> 8/14/2008 11:17 AM >>>
Alonzo Wilson wrote:
> Please explain.  How does adding a new connector restart tomcat
and
> activate the new ssl cert?

It doesn't.

In 4.1.30 you can use the admin app to add a connector and start
it.

In 6.0.16 the admin app doesn't exist so JMX is your only option
but this
could be tricky so restarting Tomcat will be a lot simpler.

Mark

> 
>>>> Mark Thomas <ma...@apache.org> 8/12/2008 5:05 PM >>>
> Alonzo Wilson wrote:
>> 4.1.30 and 6.0.16
> 
> 4.1.30 you should be able to use the admin app to add a new
> connector. With 
> 6.0.16 you might be able to use JMX. Restarting Tomcat will be
far
> easier.
> 
> Mark
> 
> 
> 
>
---------------------------------------------------------------------
> To start a new topic, e-mail: users@tomcat.apache.org 
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org 
> For additional commands, e-mail: users-help@tomcat.apache.org 
> 
> 



---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org 
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org 
For additional commands, e-mail: users-help@tomcat.apache.org

Re: ssl certificate

Posted by Mark Thomas <ma...@apache.org>.

Alonzo Wilson wrote:
> Please explain.  How does adding a new connector restart tomcat and
> activate the new ssl cert?

It doesn't.

In 4.1.30 you can use the admin app to add a connector and start it.

In 6.0.16 the admin app doesn't exist so JMX is your only option but this
could be tricky so restarting Tomcat will be a lot simpler.

Mark

> 
>>>> Mark Thomas <ma...@apache.org> 8/12/2008 5:05 PM >>>
> Alonzo Wilson wrote:
>> 4.1.30 and 6.0.16
> 
> 4.1.30 you should be able to use the admin app to add a new
> connector. With 
> 6.0.16 you might be able to use JMX. Restarting Tomcat will be far
> easier.
> 
> Mark
> 
> 
> 
> ---------------------------------------------------------------------
> To start a new topic, e-mail: users@tomcat.apache.org 
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org 
> For additional commands, e-mail: users-help@tomcat.apache.org 
> 
> 



---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org

Re: ssl certificate

Posted by Alonzo Wilson <al...@wmich.edu>.

Please explain.  How does adding a new connector restart tomcat and
activate the new ssl cert?

>>> Mark Thomas <ma...@apache.org> 8/12/2008 5:05 PM >>>
Alonzo Wilson wrote:
> 4.1.30 and 6.0.16

4.1.30 you should be able to use the admin app to add a new
connector. With 
6.0.16 you might be able to use JMX. Restarting Tomcat will be far
easier.

Mark

---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org 
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org 
For additional commands, e-mail: users-help@tomcat.apache.org

Re: ssl certificate

Posted by Mark Thomas <ma...@apache.org>.

Alonzo Wilson wrote:
> 4.1.30 and 6.0.16

4.1.30 you should be able to use the admin app to add a new connector. With 
6.0.16 you might be able to use JMX. Restarting Tomcat will be far easier.

Mark



---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org

Re: ssl certificate

Posted by Alonzo Wilson <al...@wmich.edu>.

4.1.30 and 6.0.16

>>> Mark Thomas <ma...@apache.org> 8/12/2008 3:02 PM >>>
Alonzo Wilson wrote:
> After importing the signed certificate using 
>  
> 
> keytool -import -alias tomcat1 -trustcacerts -file tsat.cer 
> -keystore .keystore
>  
> is there a way to make the new certificate active besides
stopping
> and starting tomcat?

Tomcat version?

Mark


---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org 
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org 
For additional commands, e-mail: users-help@tomcat.apache.org

Re: ssl certificate

Posted by Mark Thomas <ma...@apache.org>.

Alonzo Wilson wrote:
> After importing the signed certificate using 
>  
> 
> keytool -import -alias tomcat1 -trustcacerts -file tsat.cer 
> -keystore .keystore
>  
> is there a way to make the new certificate active besides stopping
> and starting tomcat?

Tomcat version?

Mark


---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org