New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add way to reload certificates #134

Closed
csmith opened this Issue Apr 30, 2017 · 1 comment

Comments

Projects
None yet
2 participants
@csmith
Contributor

csmith commented Apr 30, 2017

If we're thinking about using Let's Encrypt, there needs to be a way to tell DFBnc to reload the certificates (which I think should just be a case of nulling the SSLContext held in SSLContextManager, and allowing it to be recreated next session).

From a completely external point of view, being able to send a HUP and have DFBnc reload would be the best. There's an undocumented API in sun.misc.Signal for handling signals in Java.

Alternatively, DFBnc could have a command line argument to reload and do some kind of IPC itself (but that seems a little overkill).

@ShaneMcC

This comment has been minimized.

Collaborator

ShaneMcC commented Apr 30, 2017

I think HUP and then re-reading the SSL certs makes sense, but I don't think it could reload the entire config in a sane way.

@ShaneMcC ShaneMcC closed this in b581bcf May 7, 2017

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment