[james-project] 08/09: JAMES-3906 Documentation

[bt...@apache.org]

This is an automated email from the ASF dual-hosted git repository.

btellier pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/james-project.git

commit 6f94f3f8bbe7d78623c62faf3543c763ca6b1667
Author: Benoit Tellier <bt...@linagora.com>
AuthorDate: Fri May 26 09:37:09 2023 +0700

    JAMES-3906 Documentation
---
 .../AbstractSSLAwareChannelPipelineFactory.java    |  3 ++-
 .../docs/modules/ROOT/pages/operate/webadmin.adoc  | 23 ++++++++++++++++++++++
 src/site/markdown/server/manage-webadmin.md        | 23 ++++++++++++++++++++++
 3 files changed, 48 insertions(+), 1 deletion(-)

diff --git a/protocols/netty/src/main/java/org/apache/james/protocols/netty/AbstractSSLAwareChannelPipelineFactory.java b/protocols/netty/src/main/java/org/apache/james/protocols/netty/AbstractSSLAwareChannelPipelineFactory.java
index dc7e4330a4..c04acb83f1 100644
--- a/protocols/netty/src/main/java/org/apache/james/protocols/netty/AbstractSSLAwareChannelPipelineFactory.java
+++ b/protocols/netty/src/main/java/org/apache/james/protocols/netty/AbstractSSLAwareChannelPipelineFactory.java
@@ -68,6 +68,7 @@ public abstract class AbstractSSLAwareChannelPipelineFactory<C extends SocketCha
      * Return if the socket is using SSL/TLS
      */
     protected boolean isSSLSocket() {
-        return secure != null && secure.get().supportsEncryption() && !secure.get().isStartTLS();
+        Encryption encryption = secure.get();
+        return encryption != null && encryption.supportsEncryption() && !encryption.isStartTLS();
     }
 }
diff --git a/server/apps/distributed-app/docs/modules/ROOT/pages/operate/webadmin.adoc b/server/apps/distributed-app/docs/modules/ROOT/pages/operate/webadmin.adoc
index 72a4d6bb0f..703169ee12 100644
--- a/server/apps/distributed-app/docs/modules/ROOT/pages/operate/webadmin.adoc
+++ b/server/apps/distributed-app/docs/modules/ROOT/pages/operate/webadmin.adoc
@@ -4910,3 +4910,26 @@ This is an example of returned body.
   "targetsContent": false
 }
 ....
+
+== Reloading server certificates
+
+Certificates for TCP based protocols (IMAP, SMTP, POP3, LMTP and ManageSieve) can be updated at
+runtime, without service interuption and without closing existing connections.
+
+In order to do so:
+
+ - Generate / retrieve your cryptographic materials and replace the ones specified in James configuration.
+ - Then call the following endpoint:
+
+....
+curl -XPOST http://ip:port/servers?reload-certificate
+....
+
+Optional query parameters:
+
+ - `port`: positive integer (valid port number). Only reload certificates for the specific port.
+
+Return code:
+
+ - 204: the certificate is reloaded
+ - 400: Invalid request.
\ No newline at end of file
diff --git a/src/site/markdown/server/manage-webadmin.md b/src/site/markdown/server/manage-webadmin.md
index 8c78ca3518..9c76eb5ce0 100644
--- a/src/site/markdown/server/manage-webadmin.md
+++ b/src/site/markdown/server/manage-webadmin.md
@@ -4607,3 +4607,26 @@ Response codes :
 
  - 201: the taskId of the created task
  - 400: Invalid action argument for performing operation on mappings data
+
+## Reloading server certificates
+
+Certificates for TCP based protocols (IMAP, SMTP, POP3, LMTP and ManageSieve) can be updated at
+runtime, without service interuption and without closing existing connections.
+
+In order to do so:
+
+ - Generate / retrieve your cryptographic materials and replace the ones specified in James configuration.
+ - Then call the following endpoint:
+
+```
+curl -XPOST http://ip:port/servers?reload-certificate
+```
+
+Optional query parameters:
+
+ - `port`: positive integer (valid port number). Only reload certificates for the specific port.
+
+Return code:
+
+ - 204: the certificate is reloaded
+ - 400: Invalid request.
\ No newline at end of file


---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@james.apache.org
For additional commands, e-mail: notifications-help@james.apache.org