[meecrowave] did you know? tomcat and SSLHostConfig reload?

[Romain Manni-Bucau <rm...@gmail.com>]

Hi guys,

Did you notice SSLHostConfig is .... reloadable?

Means we can have a let's encrypt extension!

Anyone motivated to hack it? If not i can give it a try after microprofile
work

Romain Manni-Bucau
@rmannibucau <https://twitter.com/rmannibucau> |  Blog
<https://rmannibucau.metawerx.net/> | Old Blog
<http://rmannibucau.wordpress.com> | Github <https://github.com/rmannibucau> |
LinkedIn <https://www.linkedin.com/in/rmannibucau> | Book
<https://www.packtpub.com/application-development/java-ee-8-high-performance>

Re: [meecrowave] did you know? tomcat and SSLHostConfig reload?

[Romain Manni-Bucau <rm...@gmail.com>]

Hi guys,

pushed some PoC for lets encrypt integration. I don't have a domain anymore
ATM to test so I would be happy to get some help on that phase before we
release.

Romain Manni-Bucau
@rmannibucau <https://twitter.com/rmannibucau> |  Blog
<https://rmannibucau.metawerx.net/> | Old Blog
<http://rmannibucau.wordpress.com> | Github <https://github.com/rmannibucau> |
LinkedIn <https://www.linkedin.com/in/rmannibucau> | Book
<https://www.packtpub.com/application-development/java-ee-8-high-performance>


Le jeu. 28 juin 2018 à 20:42, Mark Struberg <st...@yahoo.de.invalid> a
écrit :

> wellllll, looks like a REALLY cool addition!
>
> But fear I don't have time right now :/
>
> LieGrue,
> strub
>
>
> > Am 27.06.2018 um 22:55 schrieb Romain Manni-Bucau <rmannibucau@gmail.com
> >:
> >
> > Hi guys,
> >
> > Did you notice SSLHostConfig is .... reloadable?
> >
> > Means we can have a let's encrypt extension!
> >
> > Anyone motivated to hack it? If not i can give it a try after
> microprofile
> > work
> >
> > Romain Manni-Bucau
> > @rmannibucau <https://twitter.com/rmannibucau> |  Blog
> > <https://rmannibucau.metawerx.net/> | Old Blog
> > <http://rmannibucau.wordpress.com> | Github <
> https://github.com/rmannibucau> |
> > LinkedIn <https://www.linkedin.com/in/rmannibucau> | Book
> > <
> https://www.packtpub.com/application-development/java-ee-8-high-performance
> >
>
>

Re: [meecrowave] did you know? tomcat and SSLHostConfig reload?

[Mark Struberg <st...@yahoo.de.INVALID>]

wellllll, looks like a REALLY cool addition!

But fear I don't have time right now :/

LieGrue,
strub


> Am 27.06.2018 um 22:55 schrieb Romain Manni-Bucau <rm...@gmail.com>:
> 
> Hi guys,
> 
> Did you notice SSLHostConfig is .... reloadable?
> 
> Means we can have a let's encrypt extension!
> 
> Anyone motivated to hack it? If not i can give it a try after microprofile
> work
> 
> Romain Manni-Bucau
> @rmannibucau <https://twitter.com/rmannibucau> |  Blog
> <https://rmannibucau.metawerx.net/> | Old Blog
> <http://rmannibucau.wordpress.com> | Github <https://github.com/rmannibucau> |
> LinkedIn <https://www.linkedin.com/in/rmannibucau> | Book
> <https://www.packtpub.com/application-development/java-ee-8-high-performance>

Re: [meecrowave] did you know? tomcat and SSLHostConfig reload?

[Romain Manni-Bucau <rm...@gmail.com>]

PS (if you are interested):
https://github.com/rmannibucau/letsencrypt-manager should be pretty close
to work, just need some love to be MW friendly:

- config to use meecrowave options (--letsencrypt-xxxx) and make most of
the code using config instead of hardcoded values
- automatically activate jmx or just lookup Meecrowave instance then do
getTomcat() etc to find the tomcat Endpoint to call reloadSSLConfigs
instead of using JMX (+1 to not use jmx btw)
- use a valve to handle let's encrypt file serving instead of assuming
webapps/ will serve the file (well known file)
- (to study) drop acme lib and just do it since we have a nice jaxrs client
and json lib
- find a way to test it somehow?

Romain Manni-Bucau
@rmannibucau <https://twitter.com/rmannibucau> |  Blog
<https://rmannibucau.metawerx.net/> | Old Blog
<http://rmannibucau.wordpress.com> | Github <https://github.com/rmannibucau> |
LinkedIn <https://www.linkedin.com/in/rmannibucau> | Book
<https://www.packtpub.com/application-development/java-ee-8-high-performance>


Le mer. 27 juin 2018 à 22:55, Romain Manni-Bucau <rm...@gmail.com> a
écrit :

> Hi guys,
>
> Did you notice SSLHostConfig is .... reloadable?
>
> Means we can have a let's encrypt extension!
>
> Anyone motivated to hack it? If not i can give it a try after microprofile
> work
>
> Romain Manni-Bucau
> @rmannibucau <https://twitter.com/rmannibucau> |  Blog
> <https://rmannibucau.metawerx.net/> | Old Blog
> <http://rmannibucau.wordpress.com> | Github
> <https://github.com/rmannibucau> | LinkedIn
> <https://www.linkedin.com/in/rmannibucau> | Book
> <https://www.packtpub.com/application-development/java-ee-8-high-performance>
>