Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Improvement] Ability to reload TLS certificates #7962

Open
2 tasks done
Dr-Shadow opened this issue May 16, 2024 · 0 comments
Open
2 tasks done

[Improvement] Ability to reload TLS certificates #7962

Dr-Shadow opened this issue May 16, 2024 · 0 comments
Labels
devops improvement

Comments

@Dr-Shadow
Copy link

Preflight Checklist

  • I could not find a solution in the existing issues, docs, nor discussions
  • I have joined the ZITADEL chat

Describe your problem

Hello, I'm missing guidance on the ability to reload the TLS certificates when renewed instead of restarting.

I usually use this on nginx : kill -SIGHUP $(cat /run/nginx.pid)
I'm wondering how that works for Zitadel (with no reverse proxy - TLS handled directly through the app)

For now, I use a reverse proxy with the ability to reload certificates.

Describe your ideal solution

Either watch for changes with inotify on the TLS files (cert / key) and reload them if they are valid or allow to reload them through a signal (SIGHUP / SIGUSR1)

Version

No response

Environment

Self-hosted

Additional Context

No response
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
devops improvement
Projects
Product Management
Status: 🧐 Investigating
Milestone
No milestone
Development

No branches or pull requests
2 participants
@Dr-Shadow @hifabienne