-
Notifications
You must be signed in to change notification settings - Fork 10
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Feature request] Avoid interruptions of the HTTP & HTTPS services when renewing the letsencrypt certificate #76
Comments
Yes, this question appeared for Then, for the TLS part, |
Hello, so for what is worth, my impression/idea is:
Since usually you'd do a let's encrypt renegotiation ahead of time (1 week before expiry or so), I wouldn't bother with rekey/reneg of existing sessions, but instead assume they'll be fine (and there's no connection that outlives an expired certificate). :) WDYT? |
As long as the user/dev experience doesn't become overcomplicated I'm all for it. See also this somewhat related work to make the API higher-level: #75, which would have to be rewritten probably. |
As far as i understand, right now, the way to renew the letsencrypt certificate for a given mirage application for example is to:
LE.request_handler
As far as I see, it should be possible to:
LE.request_handler
take a follow-up handler called for all the cases that are not/.well-known/acme-challenge/<token>
Paf.https_service
fromtls:Tls.Config.server -> ...
totls:Tls.Config.server ref -> ...
The text was updated successfully, but these errors were encountered: