Reload Netty Server's SSL Context for gRPC
I'm unsure if there are easier alternatives, but I see two potentially possible ways.
Make your own
SslContext
, mimicking DelegatingSslContext. You would swap to a differentSslContext
(especially duringnewEngine
) when you want a different certificate.Use a
KeyManagerFactory
whose key material can change over time. I'm not aware of a pre-existing implementation of such a factory, so you probably would need to implement aKeyManagerFactorySpi
that delegates to aKeyManagerFactory
. You could then swap out theKeyManagerFactory
over time.
I will warn that it would have been easy for me to miss something that would invalidate the approaches.