[jboss-jira] [JBoss JIRA] (WFLY-4321) restart of http connector without restarting whole web container

Charles Wilhelm (JIRA) issues at jboss.org
Wed Nov 2 11:27:01 EDT 2016 

    [ https://issues.jboss.org/browse/WFLY-4321?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13316184#comment-13316184 ] 

Charles Wilhelm commented on WFLY-4321:
---------------------------------------

Can you give me some advice how to remove and add https listener without the need to reload? In combination with letsencrypt such a "hot" update of the keystores would be very nice.

What I can do:
{code}
/subsystem=undertow/server=default-server/https-listener=https:remove()
{code}
but this needs a reload then.

{code}
/subsystem=undertow/server=default-server/https-listener=https:add(socket-binding=https, security-realm="UndertowRealm", enabled-protocols="TLSv1,TLSv1.1,TLSv1.2", enabled-cipher-suites="TLS_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_RSA_WITH_3DES_EDE_CBC_SHA,TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384", max-post-size="52428800", no-request-timeout="20000", tcp-keep-alive="true", socket-binding="https")
{code}
whereas readding does not require a reload.

> restart of http connector without restarting whole web container
> ----------------------------------------------------------------
>
>                 Key: WFLY-4321
>                 URL: https://issues.jboss.org/browse/WFLY-4321
>             Project: WildFly
>          Issue Type: Feature Request
>          Components: Web (Undertow)
>    Affects Versions: 8.2.0.Final
>            Reporter: Davide Gesino
>            Priority: Minor
>              Labels: connector,, mbeans, ssl,
>             Fix For: Awaiting Volunteers
>
>
> It would be great if Undertow provided a feature Tomcat has, namely the possibility to stop the http connector without restarting the whole container.
> It's useful for example in case when certificates for SSL communication change while the container is up and running.
> Tomcat has this feature setting the property "org.apache.tomcat.util.ENABLE_MODELER" to true: this turn on the MBeans management for Tomcat.
> Through these beans it's possible to start and stop the connectors.



--
This message was sent by Atlassian JIRA
(v7.2.3#72005)

More information about the jboss-jira mailing list