setting ssl keystore at runtime in Jetty

前端 未结 5 1531
盖世英雄少女心
盖世英雄少女心 2021-02-13 14:47

Is it possible to change keystore at runtime? Currently I am setting up SSL before I do a server.start() -

sslContextFactory.setTrustStore(ks);
sslContextFactor         


        
5条回答
  •  深忆病人
    2021-02-13 15:29

    This has been fixed since Jetty 9.4.0, see https://github.com/eclipse/jetty.project/issues/918. You can now just override the Key/TrustStore etc. and call SslContextFactory.reload.

    Note however there is a caveat with TLS session resumption: https://github.com/eclipse/jetty.project/issues/918#issuecomment-250791417. According to the comments, it shouldn't be an issue with common browsers, but who knows about IE, Mobile, non-browser clients, etc.

提交回复
热议问题