Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

https server with short lived ssl credentials #603

Closed
vsacheti opened this issue Apr 25, 2017 · 2 comments
Closed

https server with short lived ssl credentials #603

vsacheti opened this issue Apr 25, 2017 · 2 comments

Comments

@vsacheti
Copy link

We have ssl credentials which are short lived (age is few hours) and are keep getting refreshed on the box

If there anyway where a running server can reload the certificates without restarting.
In Java-Jetty world something like this can be done using reload.

Is there anything similar in nodejs?

AFAIK, the only way to do this is to restart the server
We figured we can do sort of dynamic reload if we are running in cluster mode. The master can watch the certificate files and fork a new worker and kill the existing workers gracefully on a cert update

But I am not able to figure something on a standalone mode which can be graceful.
@bnoordhuis
Copy link
Member

Node.js has no official support for that (yet) but see nodejs/node#4464 (comment) for a workaround.

@vsacheti
Copy link
Author

vsacheti commented May 1, 2017

Thank You

@cjihrig cjihrig mentioned this issue Oct 13, 2018
Merged
4 tasks
cjihrig added a commit to cjihrig/node that referenced this issue Oct 21, 2018
@cjihrig
tls: support changing credentials dynamically
96a986d 
This commit adds a setSecureContext() method to TLS servers. In
order to maintain backwards compatibility, the method takes the
options needed to create a new SecureContext, rather than an
instance of SecureContext.

Fixes: nodejs#4464
Refs: nodejs#10349
Refs: nodejs/help#603
Refs: nodejs#15115
PR-URL: nodejs#23644
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
jasnell pushed a commit to nodejs/node that referenced this issue Oct 21, 2018
@cjihrig @jasnell
tls: support changing credentials dynamically
bed4a8c 
This commit adds a setSecureContext() method to TLS servers. In
order to maintain backwards compatibility, the method takes the
options needed to create a new SecureContext, rather than an
instance of SecureContext.

Fixes: #4464
Refs: #10349
Refs: nodejs/help#603
Refs: #15115
PR-URL: #23644
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
sam-github pushed a commit to sam-github/node that referenced this issue Apr 29, 2019
@cjihrig @sam-github
tls: support changing credentials dynamically
f47e208 
This commit adds a setSecureContext() method to TLS servers. In
order to maintain backwards compatibility, the method takes the
options needed to create a new SecureContext, rather than an
instance of SecureContext.

Fixes: nodejs#4464
Refs: nodejs#10349
Refs: nodejs/help#603
Refs: nodejs#15115
PR-URL: nodejs#23644
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@bnoordhuis @vsacheti @Knighton910