I see that the keystore is constructed on Spring initialization and thus the application needs to be restarted if a new entry is added to the keystore. Does this also apply to the truststore?
Can I do a reload without restarting by creating a new SSLContext to use? Such as:
SSLContext sslcontext = SSLContext.getInstance("TLS");
sslcontext.init((KeyManager[])null, (TrustManager[])null, (SecureRandom)null);
Thanks!
If you use Spring through Tomcat you could reload the ssl-truststore (Re-read TLS configuration files) by the tomcat-admin-layer. See here how to activate the admin-panel: Can I enable the tomcat manager app for Spring Boot's embedded tomcat?