karlheyes / icecast-kh

KH branch of icecast
GNU General Public License v2.0
300 stars 107 forks source link

SSL renewal #322

Closed hmorneau closed 4 years ago

hmorneau commented 4 years ago

I have seen somewhere that KH support cert renewal without having to restart Icecast.

I have tried this just now, I have updated the pem file with a new cert and when I visit the stream URL in https, it still shows the old cert. Any idea if a restart is needed?

I already confirmed that the pem file have the new cert.

karlheyes commented 4 years ago

trigger a reload either with HUP signal or via the admin page

karl

hmorneau commented 4 years ago

HUP signal is working :)

Does Icecast reload everything from the conf file with it?

karlheyes commented 4 years ago

most things are, certain things relating to security concerns are not. eg adding listening ports is fine but usually adding ports less than 1024 is not possible, changing the chroot or changeowner aspects are also problematic over a reload. Those don't tend to be the things people change though.

karl.