crypto/x509: add ability to reload root certificates #41888
As it can be seen on this line, root certificates loaded only once during the lifetime of the application -
This creates a problem when new root certificates are added. In our case, it happens on a regular basis when clients add intermediate/root certificates to the system via a separate component and then all other components that run in separate processes are expected to make use of them. This is currently not possible.
We are currently re-implemented Root Certificate loading logic by cutting and pasting the code from this library into our codebase and create our own certPool() for every request that requires the ca-chain refresh.
The text was updated successfully, but these errors were encountered: