Reputation: 131
I need to refresh/restart Tomcat after adding the generated SSL certificate to the keystore. I'm using a Java REST call to add the certificate.
    store.setKeyEntry("tomcat", keyPair.getPrivate(),
            "password".toCharArray(), certs);
The refresh/restart should happen within the same REST call.
How can I achieve this?
Upvotes: 3
Views: 1743
Reputation: 131
I'm able to restart now. I used a batch file to restart the server, but after the restart, if I try any REST call again, it hangs, and it works again only after 10-15 minutes. Code snippet:
    public void run() {
        try {
            Thread.sleep(3000); // wait for response return
            String path = SERVER_RESTART_SCRIPT;
            Runtime rn = Runtime.getRuntime();
            // Launch the restart script and block until it exits
            Process proc = rn.exec(path);
            proc.waitFor();
            // Stop the current JVM
            System.exit(0);
        } catch (IOException e) {
            logger.error("IO exception: " + e);
        } catch (InterruptedException e) {
            logger.error("InterruptedException: " + e);
            // Restore the interrupt flag for whoever owns this thread
            Thread.currentThread().interrupt();
        }
    }
Upvotes: 2
Reputation: 1306
I agree with Gabor on the security vulnerability. I am not aware of your use case, but if you really need to achieve it nevertheless, you need to create a simple Tomcat restart script and execute it after adding the certificate. The solution is described in the following post: "how to restart tomcat from a running webapp?"
I would suggest that you use Apache Commons Exec.
Hope that helps.
Upvotes: 0
Reputation: 246
This is a high-level security problem! You cannot / should not restart your server with a REST call! This will give your clients a very simple way to generate a DoS (Denial of Service) hack in your datacenter, possibly restricting other services!
In case you need to manage lower-level software / hardware services related to your assets, you should not use your application-level services and protocols; instead you should implement low-level management protocols, which are part of your security infrastructure!
To be more specific, in your case I would use a virtual environment, e.g. VMware, and the related protocols and calls to set / reset credentials and start / restart servers dynamically! There is a good chance that the VMware virtual services also have some upper-level applications with REST services that you can still use (after the SSL handshake and all related security handles) from your client to call HTTP REST to initiate those services!
Upvotes: 3
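Added example, not code from any of the posts above: if a restart trigger does stay reachable from a REST call, the denial-of-service risk raised in the answers can be narrowed by accepting it only from an authenticated administrator and at most once per cooldown window. `RestartGate`, its method names, the 10-minute cooldown and the `callerIsAdmin` flag (standing in for the application's own authentication and role check) are assumptions.

```java
import java.time.Duration;
import java.time.Instant;
import java.util.concurrent.atomic.AtomicReference;

/** Added example; class and method names are hypothetical, not from the posts. */
public class RestartGate {
    public enum Decision { ALLOWED, DENIED_NOT_ADMIN, DENIED_COOLDOWN }

    private final Duration cooldown;
    private final Runnable restartAction; // e.g. launches one fixed, server-side script
    // Time of the last accepted restart; null until the first one.
    private final AtomicReference<Instant> lastAccepted = new AtomicReference<>();

    public RestartGate(Duration cooldown, Runnable restartAction) {
        this.cooldown = cooldown;
        this.restartAction = restartAction;
    }

    /**
     * callerIsAdmin is assumed to be the result of the application's own
     * authentication and role check, done before this method is called.
     */
    public Decision request(boolean callerIsAdmin, Instant now) {
        if (!callerIsAdmin) {
            return Decision.DENIED_NOT_ADMIN;
        }
        while (true) {
            Instant prev = lastAccepted.get();
            if (prev != null && now.isBefore(prev.plus(cooldown))) {
                return Decision.DENIED_COOLDOWN;
            }
            // compareAndSet lets exactly one of several concurrent requests win.
            if (lastAccepted.compareAndSet(prev, now)) {
                restartAction.run();
                return Decision.ALLOWED;
            }
        }
    }

    public static void main(String[] args) {
        // Constructed sample: 10-minute cooldown, restart replaced by a log line.
        RestartGate gate = new RestartGate(Duration.ofMinutes(10),
                () -> System.out.println("restart script would be launched here"));
        Instant t0 = Instant.parse("2024-01-01T00:00:00Z");
        System.out.println(gate.request(false, t0));                 // unauthenticated caller
        System.out.println(gate.request(true, t0));                  // first admin request
        System.out.println(gate.request(true, t0.plusSeconds(30)));  // repeat inside cooldown
        System.out.println(gate.request(true, t0.plusSeconds(900))); // after cooldown
    }
}
```

The restart action is passed in as a `Runnable` so that the script path stays a server-side constant and nothing from the HTTP request reaches the command line.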