ActiveMQ Artemis: TLS certificate reload

certificate ssl activemq

Can Apache ActiveMQ Artemis (v2.13.0) use an updated TLS certificate while running, or does it require a restart? I did not find something about it in Configuring Transports and Configuration Reload sections.

When aiming towards short-living TLS certificates, any restart causes unwanted service interruptions.


Solution 1:

In version 2.10.0 if the keystore and/or truststore are updated at runtime then those changes will be reflected automatically in the broker without requiring a restart. The new values will be applied to new connections only. Existing connections will continue to work since they already performed a valid SSL/TLS handshake.

Please note that this behavior changed in the 2.18.0 release due to an SSL performance issue. Instead of updating automatically you'll need to invoke the reload operation on the acceptor via the management API (e.g. web console, JMX, HTTP via Jolokia, etc.).

Related

Netflow records with Destination Ports 1025,257 and Protocol as ipv6-icmp
What is the 'page lifecycle' of an ASP.NET MVC page, compared to ASP.NET WebForms?
How to implement a ConfigurationSection with a ConfigurationElementCollection
Aggregation versus Composition [closed]
How to securely save username/password (local)?
Is there a good charting library for iPhone? [closed]
Is there a parallel to defenestration -- for buses?
What form of emphasis was used before printing?
Expression for "unconsciously using words (or accents) used by a person you often talk with or listen to"?
Is there a term for accumulated dirt on the outside of your hands and feet?
How do I ask a question politely?
How to refer to the "elevated areas" of a mountain?