diff --git a/jetty-server/src/main/config/etc/jetty-ssl-context-reload.xml b/jetty-server/src/main/config/etc/jetty-ssl-context-reload.xml index 267bda744bc..46346359ed7 100644 --- a/jetty-server/src/main/config/etc/jetty-ssl-context-reload.xml +++ b/jetty-server/src/main/config/etc/jetty-ssl-context-reload.xml @@ -3,7 +3,7 @@ - + diff --git a/jetty-server/src/main/config/modules/ssl-reload.mod b/jetty-server/src/main/config/modules/ssl-reload.mod index 68eb6c95012..acddb16a4c7 100644 --- a/jetty-server/src/main/config/modules/ssl-reload.mod +++ b/jetty-server/src/main/config/modules/ssl-reload.mod @@ -1,4 +1,4 @@ -DO NOT EDIT - See: https://www.eclipse.org/jetty/documentation/current/startup-modules.html +# DO NOT EDIT - See: https://www.eclipse.org/jetty/documentation/current/startup-modules.html [description] Enables the SSL keystore to be reloaded after any changes are detected on the file system. diff --git a/jetty-util/src/main/java/org/eclipse/jetty/util/ssl/KeyStoreScanner.java b/jetty-util/src/main/java/org/eclipse/jetty/util/ssl/KeyStoreScanner.java index 2e311dd6b69..3c4197552d4 100644 --- a/jetty-util/src/main/java/org/eclipse/jetty/util/ssl/KeyStoreScanner.java +++ b/jetty-util/src/main/java/org/eclipse/jetty/util/ssl/KeyStoreScanner.java @@ -21,6 +21,7 @@ package org.eclipse.jetty.util.ssl; import java.io.File; import java.io.IOException; import java.util.Collections; +import java.util.function.Consumer; import org.eclipse.jetty.util.Scanner; import org.eclipse.jetty.util.annotation.ManagedAttribute; @@ -29,6 +30,12 @@ import org.eclipse.jetty.util.component.ContainerLifeCycle; import org.eclipse.jetty.util.log.Log; import org.eclipse.jetty.util.log.Logger; +/** + *

The {@link KeyStoreScanner} is used to monitor the KeyStore file used by the {@link SslContextFactory}. + * It will reload the {@link SslContextFactory} if it detects that the KeyStore file has been modified.

+ *

If the TrustStore file needs to be changed, then this should be done before touching the KeyStore file, + * the {@link SslContextFactory#reload(Consumer)} will only occur after the KeyStore file has been modified.

+ */ public class KeyStoreScanner extends ContainerLifeCycle implements Scanner.DiscreteListener { private static final Logger LOG = Log.getLogger(KeyStoreScanner.class);