[undertow-dev] let's encrypt
Stuart Douglas
sdouglas at redhat.com
Tue Sep 13 19:07:32 EDT 2016
It should be, although it would be a little bit of work. You need to
wrap the SSLContext (or rather implement OpenSSLContextSPI) to
delegate to a 'real' underlying context. When the certificate changes
you just build a new context and then change the one you are
delegating too, which means all new connections will use the new
context.
Stuart
On Wed, Sep 14, 2016 at 1:43 AM, Edgar Espina <espina.edgar at gmail.com> wrote:
> Hi,
>
> I'm playing with https://github.com/shred/acme4j, let's encrypt and
> undertow. I made some progress but it is hard to test if the certificate
> works without and real domain. I'm using ngrok but think there is a problem
> there with HTTPS... not sure.
>
> Anyway, I want to know if there is a way to dynamically renew the
> certificate at runtime (no downtime).
>
> Don't think is possible with existing API, is it?
>
> Thanks
>
> _______________________________________________
> undertow-dev mailing list
> undertow-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/undertow-dev
More information about the undertow-dev
mailing list