pho
commented
8 years ago This is the current behaviour for SSL because we re-read the files on every new connection, but not on the WSS listener, where only happens once.
Closed pho closed 8 years ago
pho
commented
8 years ago This is the current behaviour for SSL because we re-read the files on every new connection, but not on the WSS listener, where only happens once.
pho
commented
8 years ago Since b951b53728c6e019c4f02ca90c963d80e891651d the files will only be read on the listeners initialization.
We achieve the hot-reload of the certificates by stopping the listeners and starting them again, without restarting the daemon (Send the process SIGUSR1 and then SIGUSR2)
To avoid restarting the daemon everytime you renew the certificates (Let's Encrypt has a 3 month certs policy and renewals may happen very often)