Open qbi opened 6 years ago
Ooh, that's a good idea. I will have to think about how to do it in the least annoying way.
I think you are right that config should make new certificates, but only upon significant change.
the current mechanism exists to minimise the amount of time spent playing certificate whackamole
needs revisiting
Recently I wanted to add a domain to a already existing project. I did:
eotk genkey
oldproject.conf
. A line likehardmap secrets.d/OUTPUT domainname
.eotk config oldproject.conf
eotk restart oldproject
I was able to use the onion servie, but got a warning about the certifificate. The certificate just used the old onion service name, but not the newly created ones.
I'd have expected that running
config
also creates a new certificate. Could this be changed or is it intentional?