shawn

Reputation: 4223

Reloading an SSLServerSocket after a keystore change without closing and creating a new socket

I have opened an SSLServerSocket which is created from an SSLContext object which gets loaded with a truststore and keystore. In addition to that, I also have a separate editor program which edits the keystore, i.e. adds/removes certificates, etc. In the event that the keystore or truststore changes, is there a way to load it into the SSLServerSocket without closing it and creating a new one?

sslContext.init( keyManagerFactory.getKeyManagers(), trustManagerFactory.getTrustManagers(), null );
serverSocket = ( SSLServerSocket ) sslContext.getServerSocketFactory().createServerSocket( getPort() );
serverSocket.setNeedClientAuth( true );

Upvotes: 2

Views: 235

Answers (1)

user207421

Reputation: 310985

No, there isn't, but closing it and quickly opening a new one shouldn't hurt you. Clients that try to connect in the interim will get connection failures, ditto any pending clients in the backlog queue, but you should be able to get it all done in a second or less.

Upvotes: 2
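
The close-and-reopen approach from the answer above, sketched as an added example (not code from the question or the answer). The class name `ReloadableTlsListener`, the store paths and the single shared password are assumptions made for illustration.

```java
import java.io.InputStream;
import java.net.InetSocketAddress;
import java.nio.file.Files;
import java.nio.file.Path;
import java.security.KeyStore;
import javax.net.ssl.*;

/** Hypothetical helper: rebuilds the listener whenever the stores change on disk. */
public class ReloadableTlsListener {
    private final Path keyStorePath, trustStorePath;   // assumed file locations
    private final char[] password;                     // assumed: one password for both stores and the key
    private final int port;
    private volatile SSLServerSocket serverSocket;

    public ReloadableTlsListener(Path ks, Path ts, char[] pw, int port) {
        this.keyStorePath = ks; this.trustStorePath = ts; this.password = pw; this.port = port;
    }

    private static KeyStore load(Path p, char[] pw) throws Exception {
        KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
        try (InputStream in = Files.newInputStream(p)) { ks.load(in, pw); }
        return ks;
    }

    /** Call at startup and again after the editor program has saved a change. */
    public synchronized void reload() throws Exception {
        // Build the new context first, so a corrupt or half-written store
        // throws here and the old listener keeps running.
        KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        kmf.init(load(keyStorePath, password), password);
        TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(load(trustStorePath, password));
        SSLContext ctx = SSLContext.getInstance("TLS");
        ctx.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);

        // Unbound socket, so SO_REUSEADDR can be set before bind().
        SSLServerSocket next = (SSLServerSocket) ctx.getServerSocketFactory().createServerSocket();
        next.setReuseAddress(true);
        next.setNeedClientAuth(true);   // same client-auth requirement as the question's code

        SSLServerSocket old = serverSocket;
        if (old != null) old.close();   // a thread blocked in accept() on it gets a SocketException
        next.bind(new InetSocketAddress(port));
        serverSocket = next;            // the accept loop re-reads current() after that exception
    }

    public SSLServerSocket current() { return serverSocket; }
}
```

Closing the server socket does not close connections that were already accepted, and those keep the trust decision made at their handshake. After removing a certificate from the truststore, connections from that client have to be closed separately if they should not continue.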
