Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Allow hot reloading of certs through KeyCertOptions #4519

Closed
wants to merge 1 commit into from
Closed

Allow hot reloading of certs through KeyCertOptions #4519

wants to merge 1 commit into from

Conversation

sarankk
Copy link
Contributor

@sarankk sarankk commented Oct 24, 2022

Motivation
When we create servers with createHttpServer API we set server certs through server options. These options are set before starting server. When certificates are refreshed, already started HTTP server does not pick up refreshed certs. Hence we want to be able to enable hot reloading of certificates while setting certificate options in HttpServerOptions. By adding this feature, we will be able to refresh server certs without having to bounce the server.

Advantage of adding this feature
Reduces server downtime, by not needing a bounce when certs refresh.

Contribution
To do this, our thought process is to start a periodic timer to check for cert refreshes and the SSLContext is reloaded in case the certs have refreshed.

@sarankk @frankgh
Allow hot reloading of certs through KeyCertOptions
0ede284 
Co-authored-by: Francisco Guerrero <francisco.guerrero@apple.com>
@sarankk sarankk mentioned this pull request Oct 25, 2022
Closed
@Hakky54 Hakky54 mentioned this pull request Nov 9, 2022
Closed
@vietj vietj closed this Feb 6, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@sarankk @vietj