-
Notifications
You must be signed in to change notification settings - Fork 983
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Gracefully reload server / ssl certificate #1926
Comments
Alright, i have a workaround, but i will leave the issue up as it might be a good idea to implement something better into node-restify itself. If it is not something that you are interested in implementing feel free to close. My snippet: fs.watch(Config.get('web.ssl.certificate'), (curr, prev) => {
console.log("SSl certificate changed, reloading");
RestServer.server.setSecureContext({cert: fs.readFileSync(Config.get('web.ssl.certificate'))})
}) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
More of a question, but can be turned into a feature request if it does not exist yet.
Feature Request
I am looking for a way to gracefully reload the ssl certificate of a restify server.
Use Case
SSl certificates expire and need renewals from time to time. This can easily be automated with acme.sh/certbot, but node-restify does not pick up the new certificate.
I presume this is on purpose to keep out some side effects, but i would still like this feature for my own service.
I have made a simple snippet that allows watching for file changes on the certificate, but just .close()'ing the service and then running .listen again does not seem to have the wanted effect. The cert only gets recreated when restify.createServer is called, but then all routes have to be re-initted which is not easily possible and mean i would just have to restart the whole application
Example API
for example a
server.updateSettings()
, or similar call?Are you willing and able to implement this?
Yes, but it probably won't look as good, so i hope there's a workaround for now.
The text was updated successfully, but these errors were encountered: