Figure out how to cleanly (and *quickly*) reload CRLs in takapi process

pvarki / docker-atak-server

Dockerfiles for building TAK server Java stuff and creating images

15 stars 4 forks source link

Figure out how to cleanly (and quickly) reload CRLs in takapi process #60

Open rambo opened 7 months ago

rambo commented 7 months ago

HUP restarts whole process, which is sloooooow. USR1 is unknown and kills the process USR2 causes segfault...

Another option is to automatically create a config XML that does not have CRL enabled and use that for the takapi process. since CoT handles CRL changes cleanly the user in question will at least drop out of updates and lose admin privileges so their remaining WebTAK access is going to be rather impotent.

https://github.com/pvarki/docker-atak-server/pull/61 is relevant.

rambo commented 5 months ago

CoT (8089) does not actually handle CRL reloads cleanly but at least it supports OCSP.

pvarki / docker-atak-server

Figure out how to cleanly (and *quickly*) reload CRLs in takapi process #60

Figure out how to cleanly (and quickly) reload CRLs in takapi process #60