From: Francis Dupont <fdupont@isc.org>
Date: Tue, 12 Nov 2024 09:04:02 +0000 (+0100)
Subject: [#3255] Added a note
X-Git-Tag: Kea-2.7.5~28^2~2
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=a7bb3fb40ed9caf07ddb3f348eaaa2582577aedd;p=thirdparty%2Fkea.git

[#3255] Added a note
---

diff --git a/doc/sphinx/arm/security.rst b/doc/sphinx/arm/security.rst
index 8ceb4f12ec..b6cf3fccf1 100644
--- a/doc/sphinx/arm/security.rst
+++ b/doc/sphinx/arm/security.rst
@@ -36,6 +36,13 @@ protection possible:
    the two security mechanisms, and therefore no proof that the TLS client and server
    are the same as the HTTP authentication client and server.
 
+.. note::
+
+   On reconfiguration a new listener HTTP socket is opened only when the
+   address or the port was changed so to apply a TLS setup change, e.g.
+   a certificate update, Kea must be restarted (i.e. stopped and started
+   vs reloaded).
+
 .. _tls_config:
 
 Building Kea with TLS/HTTPS Support