Bug 59233 - support unlimited SSL certificates stored in database or file system without server restart
Summary: support unlimited SSL certificates stored in database or file system without ...
Status: RESOLVED FIXED
Alias: None
Product: Tomcat 9
Classification: Unclassified
Component: Connectors (show other bugs)
Version: 9.0.0.M4
Hardware: All All
: P2 enhancement (vote)
Target Milestone: -----
Assignee: Tomcat Developers Mailing List
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2016-03-24 16:14 UTC by javaone9
Modified: 2016-11-05 02:39 UTC (History)
0 users


Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description javaone9 2016-03-24 16:14:37 UTC 
For a web application that allows users to create business websites and bind their own domains. All the domains will be mapped to the same IP address, and one port is used for all. For example,

       https://mydomain1.com
       https://mydomain2.com
       https://mydomain3.com

The number of domains is unlimited.

Each user should be able to upload a SSL certificate for his/her own domain, and the certificate can be stored in database or file system. Many users are using the web application at the time, and thus server restart is not acceptable. 

Tomcat9 can provide a SSL provider interface like: getCertificate(domain). How to get the certificate is up to the provider implementation. SSL should be configured dynamically at the run time without server restart.
Comment 1 Mark Thomas 2016-06-20 20:13:39 UTC 
Tomcat doesn't want to get into the details of where the meta-data is stored.

It is already possible to add virtual hosts dynamically. What isn't currently possible is adding an SSLHostConfig to an Endpoint. That doesn't look too tricky. I'll take a look.
Comment 2 Mark Thomas 2016-06-23 19:29:47 UTC 
Adding TLS virtual hosts (or in implementation terms SSLHostConfigs to an Endpoint) dynamically will be supported in 9.0.0.M9 and 8.5.4 onwards.
Comment 3 javaone9 2016-11-05 02:39:15 UTC 
From the following example from Tomcat9 migration guide:

<Connector port="8443"
           protocol="org.apache.coyote.http11.Http11AprProtocol"
           maxThreads="150"
           SSLEnabled="true"
           defaultSSLHostConfigName="openoffice.apache.org" >
    <SSLHostConfig hostName="openoffice.apache.org" >
        <Certificate certificateKeyFile="conf/openoffice.apache.org-rsa-key.pem"
                     certificateFile="conf/openoffice.apache.org-rsa-cert.pem"
                     type="RSA" />
        <Certificate certificateKeyFile="conf/openoffice.apache.org-ec-key.pem"
                     certificateFile="conf/openoffice.apache.org-ec-cert.pem"
                     type="EC" />
    </SSLHostConfig>
    <SSLHostConfig hostName="www.openoffice.org" >
        <Certificate certificateKeyFile="conf/www.openoffice.org-rsa-key.pem"
                     certificateFile="conf/www.openoffice.org-rsa-cert.pem"
                     type="RSA" />
        <Certificate certificateKeyFile="conf/www.openoffice.org-ec-key.pem"
                     certificateFile="conf/www.openoffice.org-ec-cert.pem"
                     type="EC" />
    </SSLHostConfig>
</Connector>

Does it require server restart after adding a new domain and its certificate?
Can it be scaled to thousands of domains?  The use case is that a web app allows users (thousands or millions) to bind their own domains and upload SSL certificates. Can Tomcat9 handle the use case? Thanks.