Closed: wyld-sw closed this 3 years ago
Please include logic that rejects the new cert if there's something about it that's invalid, and continues to run with the old cert. This would be an easy way to crash your everything in a fat-finger event.
Working patch for fbmuck-6.18 as sample:
This looks like it probably works. Sorry for sitting on this so long @dinoex ! I'll try to get this merged in soon.
I have patched this in and updated it to the FB7 coding standards. I haven't thoroughly tested it yet, so no merge yet, but this is almost done. Sorry for the long wait.
This is done, pending code review. Please note I added a tune param that defaults to false called auto_reload_certs ... it has to be set to true to enable this behavior.
I think I should probably rename it to ssl_auto_reload_certs to be more in line with coding standards, I will do that ....
Consider calling reconfigure_ssl (or similar) when the server detects that the certificate files have been modified.
Thanks to DinoEx@Anthopomorphia for the idea.
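An added sketch, not the fbmuck patch or any code from this thread, of the behaviour discussed above: notice that the certificate files changed, build a fresh TLS context from them, and keep serving with the old context if the new files do not load. It uses Python's `ssl` module rather than the server's C/OpenSSL code; the class and method names are hypothetical.

```python
import os
import ssl


class ReloadingCertStore:
    """Holds the live SSLContext; swaps it only after a new one loads cleanly."""

    def __init__(self, cert_path, key_path, initial_context):
        self.cert_path = cert_path
        self.key_path = key_path
        self.context = initial_context   # context currently used for new connections
        self.last_error = None
        self._seen = self._stamp()

    def _stamp(self):
        # Identity of both files; inode and size catch rename-based replacement
        # and same-timestamp rewrites. None means a file is missing.
        try:
            stats = (os.stat(self.cert_path), os.stat(self.key_path))
        except OSError:
            return None
        return tuple((s.st_ino, s.st_mtime_ns, s.st_size) for s in stats)

    def poll(self):
        """Call periodically. Returns 'unchanged', 'reloaded' or 'rejected'."""
        stamp = self._stamp()
        if stamp == self._seen:
            return "unchanged"
        # Remember this state so a bad file is not re-parsed on every poll;
        # the next change to either file triggers another attempt.
        self._seen = stamp
        if stamp is None:
            self.last_error = "certificate or key file missing"
            return "rejected"
        try:
            # Build into a *new* context so a failure cannot damage the live one.
            candidate = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
            # Parses both PEM files and checks that the key matches the cert.
            candidate.load_cert_chain(self.cert_path, self.key_path)
        except (ssl.SSLError, OSError, ValueError) as exc:
            self.last_error = str(exc)   # log this; keep running on the old cert
            return "rejected"
        self.context = candidate
        self.last_error = None
        return "reloaded"
```

Existing connections keep the context they were accepted with; only connections accepted after a successful `poll()` see the new certificate.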