[openssl-users] certificate renewal without restarting processes
rsalz at akamai.com
Thu May 25 14:28:30 UTC 2017
> It uses SSL_CTX_use_certificate_chain_file in some places and in other places
> it uses PEM_read_bio_X509
> When these APIs are used, can the OpenSSL stack detect updated files on
> disk and reload them without any intervention from the application?
No, it's a load and use the current contents.
You can call them multiple times; the old content will be removed and new content reloaded.
More information about the openssl-users