For an installation of Tomcat with JMX turned off, it would be nice to have an alternate way to request a graceful reload of the TLS configuration (eg for a renewed certificate) Having an option in the Manager seems a good way to permit this for admins-only, with no JMX
Since Tomcat 8.5.24 and similar Tomcat 9.0.x, the endpoint class contains these new methods: reloadSslHostConfig(String hostName) reloadSslHostConfigs() [ref: https://lists.apache.org/thread.html/79f8d5201990b57fc781c6e40730888934b3d57ce7bd7509720ef8e2@%3Cusers.tomcat.apache.org%3E] It seems this makes this enhancement much easier to accomplish, though there may not be a natural place to show such an operation (e.g. the "endpoints" aren't shown on the manager page). Where were you thinking you'd like these "reload TLS config" options to be offered?
Mark did it in r1818127 although I didn't test it.
I was working on this just before I went on PTO for the holiday period. Looks like I forgot to resolve this once I committed the feature. Sorry for any confusion.
Added to 8.5.x for 8.5.32 onwards.