private void subscribeForSslTrustCertNotifications() { this.subscriptionManager.start((n) -> { loadSslTrustCertServices(); }, null); }
/** * Start the active subscription notifications of this trust manager and load the initial state * of ssl trust certificates. */ public void start() { // check if it's already started if (started.getAndSet(true)) { return; } this.documentUpdateTimeMicros = 0; try { verifySubscriptionTargetExists(() -> { try { subscribeForSslTrustCertNotifications(); loadSslTrustCertServices(); } catch (Exception e) { host.log(Level.SEVERE, "Failure while subscribing for ssl certificate notifications: %s", Utils.toString(e)); } }); } finally { schedulePeriodicCertificatesReload(); } }
/** * Periodically reload all certificates in case we missed something.. e.g. replicated * certificates from other xenon nodes */ private void schedulePeriodicCertificatesReload() { long nextDelay = (reloadCounter.get() > reloadCounterThreshold) ? maintenanceInterval : maintenanceIntervalInitial; if (host.isStopping()) { return; } Runnable task = () -> { try { host.log(Level.FINE, "Host %s reloading all certificates", host.getPublicUri()); documentUpdateTimeMicros = 0; loadSslTrustCertServices(); reloadCounter.updateAndGet((r) -> (r > reloadCounterThreshold) ? r : r + 1); schedulePeriodicCertificatesReload(); } catch (Exception e) { host.log(Level.WARNING, e.getMessage()); host.log(Level.FINE, Utils.toString(e)); schedulePeriodicCertificatesReload(); } }; try { host.schedule(task, nextDelay, TimeUnit.MICROSECONDS); } catch (Exception e) { host.log(Level.INFO, "Host is stopping"); } }