How to reload coturn when ssl certificates are renewed?

[priyanjitdey94]

[Help Needed] [Discussion]

I am using certbot for creating SSL certificates which renews every 3months.

• How to make coturn auto-reload when certbot has auto-renewed the SSL certificates?
• How to make coturn auto-reload new SSL certificates from terminal without breaking existing connections and downtime?

Please provide any relevant docs/articles around it. Also would like to know how other users are handling this use-case since this is very common.

[JeanPluzo]

Hi,
if you're using certbot in a script you could just add systemctl restart coturn.service at the end of said script. From my experience you can restart the service even if you have connections, since a client will build a connection again once the old one is dropped. The restart takes only a fraction of a second.
If you're using coturn as a docker container then it could get more complicated, but is still doable since you "only" restart a docker container (docker container restart coturn), or, to be safe kill the container and create a new one. This will load the new certs.
If you really don't want any downtime you should do these steps when there's little or no traffic (nightime) using crontab.
Hope this helps.
Regards,
J.