mirror of
https://gitlab.com/openconnect/ocserv.git
synced 2026-02-10 16:57:00 +08:00
Reload the certificates and private keys on SIGHUP
Until now this part of the configuration was static, but there is the need to reload certificates and keys, e.g., on renewal.
This commit is contained in:
Nikos Mavrogiannopoulos
@@ -139,7 +139,13 @@ ca-cert = ../tests/ca.pem
|
||||
|
||||
|
||||
### All configuration options below this line are reloaded on a SIGHUP.
|
||||
### The options above, will remain unchanged.
|
||||
### The options above, will remain unchanged. Note however, that the
|
||||
### server-cert, server-key, dh-params and ca-cert options will be reloaded
|
||||
### if the provided file changes, on server reload. That allows certificate
|
||||
### rotation, but requires the server key to remain the same for seamless
|
||||
### operation. If the server key changes on reload, there may be connection
|
||||
### failures during the reloading time.
|
||||
|
||||
|
||||
# Whether to enable seccomp/Linux namespaces worker isolation. That restricts the number of
|
||||
# system calls allowed to a worker process, in order to reduce damage from a
|
||||
|
||||
Reference in New Issue
Block a user