Package org.apache.catalina.security
Class TLSCertificateReloadListener
java.lang.Object
org.apache.catalina.security.TLSCertificateReloadListener
- All Implemented Interfaces:
- LifecycleListener
A 
LifecycleListener that may be used to monitor the expiration dates of TLS certificates and trigger
 automatic reloading of the TLS configuration a set number of days before the TLS certificate expires.
 This listener assumes there is some other process (certbot, cloud infrastructure, etc) that renews the certificate on a regular basis and replaces the current certificate with the new one.
This listener does NOT re-read the Tomcat configuration from server.xml. If you make changes to server.xml you must restart the Tomcat process to pick up those changes.
- 
Constructor SummaryConstructors
- 
Method SummaryModifier and TypeMethodDescriptionintGet the time, in seconds, between reloading checks.intGet the number of days before the expiry of a TLS certificate that it is expected that the new certificate will be in place and the reloading can be triggered.voidlifecycleEvent(LifecycleEvent event) Acknowledge the occurrence of the specified event.voidsetCheckPeriod(int checkPeriod) Set the time, in seconds, between reloading checks.voidsetDaysBefore(int daysBefore) Set the number of days before the expiry of a TLS certificate that it is expected that the new certificate will be in place and the reloading can be triggered.
- 
Constructor Details- 
TLSCertificateReloadListenerpublic TLSCertificateReloadListener()
 
- 
- 
Method Details- 
getCheckPeriodpublic int getCheckPeriod()Get the time, in seconds, between reloading checks.The periodic process for LifecycleListenertypically runs much more frequently than this listener requires. This attribute controls the period between checks.If not specified, a default of 86,400 seconds (24 hours) is used. - Returns:
- The time, in seconds, between reloading checks
 
- 
setCheckPeriodpublic void setCheckPeriod(int checkPeriod) Set the time, in seconds, between reloading checks.- Parameters:
- checkPeriod- The new time, in seconds, between reloading checks
 
- 
getDaysBeforepublic int getDaysBefore()Get the number of days before the expiry of a TLS certificate that it is expected that the new certificate will be in place and the reloading can be triggered.If not specified, a default of 14 days is used. - Returns:
- The number of days before the expiry of a TLS certificate that the reloading will be triggered
 
- 
setDaysBeforepublic void setDaysBefore(int daysBefore) Set the number of days before the expiry of a TLS certificate that it is expected that the new certificate will be in place and the reloading can be triggered.- Parameters:
- daysBefore- the number of days before the expiry of the current certificate that reloading will be triggered
 
- 
lifecycleEventDescription copied from interface:LifecycleListenerAcknowledge the occurrence of the specified event.- Specified by:
- lifecycleEventin interface- LifecycleListener
- Parameters:
- event- LifecycleEvent that has occurred
 
 
-