[jetty-users] regd. loading certificate from truststore without restarti

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]

[jetty-users] regd. loading certificate from truststore without restarting jetty or loosing sslSocket

From: manu mehrotra <septembermanu@xxxxxxxxx>
Date: Fri, 5 Oct 2012 17:03:09 -0700
Delivered-to: jetty-users@xxxxxxxxxxx
List-archive: <https://dev.eclipse.org/mailman/private/jetty-users>
List-help: <mailto:jetty-users-request@eclipse.org?subject=help>
List-subscribe: <https://dev.eclipse.org/mailman/listinfo/jetty-users>, <mailto:jetty-users-request@eclipse.org?subject=subscribe>
List-unsubscribe: <https://dev.eclipse.org/mailman/options/jetty-users>, <mailto:jetty-users-request@eclipse.org?subject=unsubscribe>

Hi,

I need to do ssl client-auth kind of use case using jetty.

The client will be sending their certificate and I'll be registering them in a truststore and then the client can make new requests using the certificate.

I have been able to implement everything but the problem is that after registering the certificate I have to restart jetty for that certificate to be loaded in.

I don't want to restart jetty every time so I wrote some JMX code to restart the SslSocketConnector only. But now the trouble is that the original connection drops after the SslSocketConnector is restarted. If the connection drops then I can't send a response back to the client whose certificate I have just registered.

Is there a way to read in certificates from the truuststore without restarting jetty?

The way I restart SslSocketConnector using JMX is as under:

public void refreshTrustStore() throws Exception {
           System.out.println("In refreshTrustStore");
           try{
               MBeanServer mBeanServer = ManagementFactory.

getPlatformMBeanServer();
                Set names = mBeanServer.queryNames(new ObjectName("*:*"), null);

                 Iterator it=names.iterator();
                 while( it.hasNext()) {
                    ObjectName _oname_= (ObjectName)it.next();

                    MBeanInfo minfo = mBeanServer.getMBeanInfo(oname);



                    if (minfo.getClassName().equals("org.mortbay.jetty.security.SslSocketConnector")) {
                        System.out.println("found ssl socket connector... will try to restart it");

                             System.out.println("Restarting SSL Connector on port ");
                             Object params[] = {};
                             String signature[] = {};
                             ;
                             /**
                              * Stop and restart the connector to get it to re-read the certificate trustfile
                              */
                             mBeanServer.invoke(oname, "stop", params, signature);
                             mBeanServer.invoke(oname, "start", params, signature);

                          }
                       }
                    }
               catch (Exception e) {
                 System.out.println("Did not restart SSL Connector: " + e);
                 e.printStackTrace();
                 throw e;
              }

       }

Any help will be greatly appreciated.

Thanks & Regards,
Manu

Prev by Date: Re: [jetty-users] SessionAuthentication class not found
Next by Date: Re: [jetty-users] Jetty OSGi boot in 8.1.7
Previous by thread: [jetty-users] Jetty doesn't seem to like Cookies separated by commas - intentional?
Next by thread: [jetty-users] ResourceHandler corrupts images
Index(es):
- Date
- Thread

Breadcrumbs