Skip to content

feat: live MITM cert reload#18

Open
Joyce-O wants to merge 2 commits intoGreyhavenHQ:mainfrom
Joyce-O:feat/mitm-cert-reload
Open

feat: live MITM cert reload#18
Joyce-O wants to merge 2 commits intoGreyhavenHQ:mainfrom
Joyce-O:feat/mitm-cert-reload

Conversation

@Joyce-O
Copy link
Contributor

@Joyce-O Joyce-O commented Mar 20, 2026

feat: live MITM cert reload

Adds the ability to reload the MITM CA certificate in a running greyproxy instance without restarting the service.
CLI

  • Added greyproxy cert reload subcommand — sends a reload request to the local API and reports success/failure
    Daemon
  • Extracted injectCertPaths() so cert injection runs both on startup and on config reload
  • Added watchCertFiles() goroutine — polls ca-cert.pem and ca-key.pem every 5s and triggers a config reload automatically when the files change
  • Wired shared.ReloadCertFn so the API handler can trigger a reload
    API
  • Added POST /api/cert/reload endpoint (CertReloadHandler)
    Docs
  • Added build-from-source and cert setup instructions to README (greyproxy cert generategreyproxy cert install, codesign step for macOS)

@Joyce-O Joyce-O mentioned this pull request Mar 20, 2026
Closed
@Joyce-O @claude
test: add tests for CertReloadHandler and injectCertPaths
e8c997d 
CertReloadHandler: nil fn → 503, fn error → 500, success → 200.
injectCertPaths: absent files, partial files, http/socks5 injection,
non-http handler skipped, nil handler, existing metadata not overwritten.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
@Joyce-O Joyce-O marked this pull request as ready for review March 20, 2026 15:05
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@Joyce-O