Skip to main content
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
Re: [jetty-users] Updating SSL keystore 
Hi,

On Mon, Feb 6, 2017 at 1:23 PM, John English <john.foreign@xxxxxxxxx> wrote:
> I'm having a play with this, but I still don't understand what the parameter
> to reload is for. I see in the example you use it to change the keystore
> path:
>
> sslContextFactory.reload(sslContextFactory -> {
>   if (sslContextFactory.getKeyStorePath().endsWith(KEYSTORE_1))
>     sslContextFactory.setKeyStorePath(KEYSTORE_2);
>   else
>     sslContextFactory.setKeyStorePath(KEYSTORE_1);
> });
>
> but what does this give that this doesn't?
>
> if (sslContextFactory.getKeyStorePath().endsWith(KEYSTORE_1))
>   sslContextFactory.setKeyStorePath(KEYSTORE_2);
> else
>   sslContextFactory.setKeyStorePath(KEYSTORE_1);
> sslContextFactory.reload(sslContextFactory -> { });
>
> I'm still getting used to Java 8, so forgive me if this is a stupid
> question...

The calls within the Consumer are performed with locks held so that
the updates are "atomic" with respect to the reload.
If you modify the SslContextFactory outside the Consumer, two threads
trying to reload may interfere with each other, while performing the
modification within the consumer will serialize the reloads.

-- 
Simone Bordet
----
http://cometd.org
http://webtide.com
Developer advice, training, services and support
from the Jetty & CometD experts.

Back to the top