Search code examples
javatomcatjavabeanstomcat10java-17

How to get the SSLHostConfig?

I am able to get the parent Connector with

        MBeanServer mbs = ManagementFactory.getPlatformMBeanServer();
        QueryExp qe = Query.match(Query.attr("port"), Query.value("443"));
        ObjectName on = new ObjectName("*:type=Connector,*");
        Set<ObjectName> objectNames = mbs.queryNames(on, qe);

and I don't want to read server.xml in case it is out of sync. How is one to get the SSLHostConfig ?

Solution

  • The Connector MBean does not contain information on the TLS configuration. You need to call the method findSslHostConfigs on a bean of type=ThreadPool. ThreadPool is actually a misnomer, since this MBean is exported by each ProtocolHandler.

    final MBeanServer mbs = ManagementFactory.getPlatformMBeanServer();
final QueryExp qe = Query.eq(Query.attr("port"), Query.value(443));
final ObjectName on = new ObjectName("*:type=ThreadPool,*");
final Set<ObjectName> protocols = mbs.queryNames(on, qe);
for (final ObjectName protocol : protocols) {
    SSLHostConfig[] configs = (SSLHostConfig[]) mbs.invoke(protocol, "findSslHostConfigs", null, null);
    // do something with the SSLHostConfig
}

    Alternatively the SSLHostConfigs are available as MBeans too: they have the property type=SSLHostConfig.