As per the current architecture, the endpoint URLs are hard-coded into a JSON file in Appy. The JSON file is read once during server startup. Endpoint URLs are exposed over HTTPS. When the endpoint uses a self-signed certificate or a certificate issued by a CA that is not in the trust store, the same needs to be added to the trust store of Appy. The above steps are manual in nature and necessitate a server restart.
We are working on building a centralized Server Registry that can handle endpoint registration and, preferably, act as a proxy between Appy and the endpoints. To achieve this, the Service Registry needs to allow dynamic addition of certificates to the trust store without requiring a restart.
Has anyone handled a similar scenario? Are there any best practices in this area? Does Netflix Eureka have the capabilities that we are looking for and is it a good fit for our scenario? Any suggestions/pointers are greatly appreciated.
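
The requirement above (adding a certificate to the trust store without a restart) can be met with a trust manager that delegates to a rebuildable inner instance. This is an added example, not part of the original post; it assumes the registry runs on the JVM with standard JSSE, and the class name `ReloadableTrustManager` and its methods are hypothetical.

```java
import javax.net.ssl.*;
import java.security.KeyStore;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.concurrent.atomic.AtomicReference;

/** Trust manager whose trusted set can grow at runtime (hypothetical name, added example). */
public final class ReloadableTrustManager implements X509TrustManager {
    private final KeyStore store;  // in-memory trust store, mutated only under the lock
    private final AtomicReference<X509TrustManager> delegate = new AtomicReference<>();

    public ReloadableTrustManager() throws Exception {
        store = KeyStore.getInstance(KeyStore.getDefaultType());
        store.load(null, null);    // starts empty: every handshake fails until a cert is added
        rebuild();
    }

    /** Call from the registration path, after the certificate has been vetted out of band. */
    public synchronized void addTrusted(String alias, X509Certificate cert) throws Exception {
        store.setCertificateEntry(alias, cert);
        rebuild();                 // the delegate snapshots the store, so build a fresh one
    }

    private void rebuild() throws Exception {
        TrustManagerFactory tmf =
            TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(store);
        for (TrustManager tm : tmf.getTrustManagers()) {
            if (tm instanceof X509TrustManager) {
                delegate.set((X509TrustManager) tm);  // atomic swap, no restart needed
                return;
            }
        }
        throw new IllegalStateException("no X509TrustManager available");
    }

    @Override public void checkClientTrusted(X509Certificate[] chain, String authType)
            throws CertificateException {
        delegate.get().checkClientTrusted(chain, authType);
    }
    @Override public void checkServerTrusted(X509Certificate[] chain, String authType)
            throws CertificateException {
        delegate.get().checkServerTrusted(chain, authType);
    }
    @Override public X509Certificate[] getAcceptedIssuers() {
        return delegate.get().getAcceptedIssuers();
    }

    /** SSLContext bound to this manager; handshakes after addTrusted() see the new cert. */
    public SSLContext newContext() throws Exception {
        SSLContext ctx = SSLContext.getInstance("TLS");
        ctx.init(null, new TrustManager[] { this }, null);
        return ctx;
    }
}
```

Only new handshakes consult the updated set; pooled connections and resumed TLS sessions are not re-validated. Because `addTrusted` extends what the process trusts, the call that reaches it should be authenticated and logged.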