Interesting issue when updating SSL certificates in AEM

Description

In my current project, we updated the SSL certificates on a running instance. When this was done, we found that all of our JAX-RS services were no longer working. The only thing I have from the logs is below. From the looks of it, it seems that the JAX-RS container does not support this kind of reloading. A quick fix to this is to just restart the affected bundles, but that is not the best approach.

Logs:

Activity

Show:
Stefan Seifert
May 14, 2018, 9:14 AM

i will try to reproduce the problem.
which AEM version are you using, or do you use sling standalone?
how did you update the SSL certificate - just replacing the keystore/truststore files on the filesystem?

Paul Bjorkstrand
May 14, 2018, 6:48 PM

AEM 6.3.1.0 (6.3 SP1).

The SSL change was performed by the CSE from Adobe Managed Services. He was following Adobe's instructions in the documentation

Additionally, the SSL provider was swapped over from the Jetty HTTPS service to the Granite SSL Connector service:

If it helps, he used the AEM UI to configure these settings (/libs/granite/security/content/sslConfig.html?item=configuration%2fconfiguressl&charset=utf-8).

Stefan Seifert
May 24, 2018, 1:43 PM

should be fixed with next version.
can you give it a try with the current snapshot 1.1.1-SNAPSHOT in your environment?

Paul Bjorkstrand
August 30, 2018, 4:41 PM

Sorry I have not responded. We have not had a chance to update yet (too many other things to work on, when a simple cycle of the instance fixes this ). Based on what I read in the code, looks like it should work, it was similar to what I was trying to implement before filing this ticket.

Fixed

Assignee

Stefan Seifert

Reporter

Paul Bjorkstrand

Labels

None

Components

Fix versions

Priority

Major