Graceful dovecot reload for LE certificate renewals
Hi Dovecot-gurus
With the introduction of LE certificates the certificate renewal cycle is a lot faster, unfortunately even a "dovecot reload" cuts the existing connections when doing the cert updates, which is quite frustrating - and yes most clients automatically reconnect but still...
Is any work going into implementing a more “graceful reload” for dovecot like the one for nginx where existing connections are preserved with the old cert and new connections get the new cert?
Kind Regards, Sidsel Jensen Systems Engineer @ One.com <http://one.com/>
On 14 May 2019, at 08:24, Sidsel Jensen via dovecot <dovecot@dovecot.org> wrote:
Is any work going into implementing a more “graceful reload” for dovecot like the one for nginx where existing connections are preserved with the old cert and new connections get the new cert?
I hope so.
Right now I am simply running the cert renewal script at 0400 Sunday when connections are lowest. Once every 60 days is tolerable.
-- And what rough beast, its hour come round at last, Slouches towards Bethlehem to be born?
participants (2)
-
@lbutlr
-
Sidsel Jensen