Add the ability for the client to detect certificate changes or expiration and automatically reconnect.
Use Case:
It is common to use mTLS client connections with a certificate management system like cert-manager. With this configuration, the certificate may be renewed during the application's lifetime, especially if the certificate has a short TTL. Currently, this means that the application would need to call Connect() again and set up all of the subscriptions, etc. Usually, it is easier to just crash and restart the application.
Proposed Change:
The client automatically reloads the certificate and reconnects when the certificate has expired or is changed.
Who Benefits From The Change(s)?
Anyone that uses mTLS client connections and short TTLs. This problem can be seen in nack and surveyor today if using shorter TTLs in the certificates.
Alternative Approaches
Add a method that the application can call to reload the certificates and reconnect.
Feature Request
Add the ability for the client to detect certificate changes or expiration and automatically reconnect.
Use Case:
It is common to use mTLS client connections with a certificate management system like
cert-manager
. With this configuration, the certificate may be renewed during the application's lifetime, especially if the certificate has a short TTL. Currently, this means that the application would need to callConnect()
again and set up all of the subscriptions, etc. Usually, it is easier to just crash and restart the application.Proposed Change:
The client automatically reloads the certificate and reconnects when the certificate has expired or is changed.
Who Benefits From The Change(s)?
Anyone that uses mTLS client connections and short TTLs. This problem can be seen in
nack
andsurveyor
today if using shorter TTLs in the certificates.Alternative Approaches
Add a method that the application can call to reload the certificates and reconnect.