]
harish murali commented on WFLY-9438:
-------------------------------------
[~ctomc] I am facing similar issue like this. We have wildfly 11 and we have a workflow
where we have to update the keystore and truststore updated so that fresh ssl connections
can take the updated certificates for client and server authentication. I am able to get
the server authentication work by using the following command :
/subsystem=elytron/key-store=httpsKS:load()
/subsystem=elytron/key-manager=vasaKm:init()
But my jboss server is unable to authenticate the client because it is not able to get
the updated trust store. There are similar commands to reload the trust store, but the
trust manager does not seem to take it. Is this a know issue?
Are there any solutions for this.
Add stop/start/restart operation to listeners.
----------------------------------------------
Key: WFLY-9438
URL:
https://issues.jboss.org/browse/WFLY-9438
Project: WildFly
Issue Type: Feature Request
Components: Web (Undertow)
Reporter: Robert Blody
Assignee: Stuart Douglas
Priority: Minor
Fix For: 11.0.0.Final
We are looking at migrating from Norton security certificates to LetsEncrypt, which gives
out free SSL certificates, but they expire in 90 days...
This presents a problem to us. We don't want to have to redeploy the site every 90
days, we want it to contiguously run, and like we're doing with the EAR, we just want
to call /redeploy on it, and have it continue operating.
However, we haven't found a way to reset the HTTP sockets like we can with the EAR. I
found this feature request: [WFLY-4321] restart of http connector without restarting whole
web container - JBoss Issue Tracker
In it, the developer on the last page recommends to run this command:
/subsystem=undertow/server=default-server/https-listener=https:remove()
{allow-resource-service-restart=true}
/subsystem=undertow/server=default-server/https-listener=https:add(socket-binding=https,
security-realm="UndertowRealm", socket-binding="https")
Removing and re-adding the listener requires a full restart of the Wildfly server. This
is just as bad as taking down the server. It would be helpful for consistency to have a
stop, stop and restart command attached to listeners as there already exists for
deployments.