]> git.ipfire.org Git - thirdparty/knot-resolver.git/commit
projects / thirdparty / knot-resolver.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: b7e5960) | patch
modules/http: fixes around maintenance of ephemeral certs
authorVladimír Čunát <vladimir.cunat@nic.cz>
Tue, 11 Jun 2019 09:48:52 +0000 (11:48 +0200)
committerTomas Krizek <tomas.krizek@nic.cz>
Tue, 18 Jun 2019 08:02:02 +0000 (10:02 +0200)
commit5826e485f40f56434e082d96ee57e5a6c40382f0
tree724b9cffa39147f0498c8bc13ed74cd6274d864ctree
parentb7e5960bb520ec85b8d78ad4bb6859997744a79bcommit | diff
modules/http: fixes around maintenance of ephemeral certs

The cert was updated only once :-/  Now it's updated until the http
module is unloaded.

Also, each socket would create its own ephemeral certificate,
so now that's all shared within the process.  Technically we could
synchronise even multiple instances, based on the files, but that would
be much more complex, and it seems an unlikely combination to deploy.
NEWS diff | blob | blame | history
modules/http/README.rst diff | blob | blame | history
modules/http/http.lua.in diff | blob | blame | history
modules/http/http_tls_cert.lua diff | blob | blame | history
Mirror of https://gitlab.nic.cz/knot/knot-resolver.git