[Autocert] How to make service applications to pick up and reload renewed certificates without restarting #965
-
I have installed 'autocert' through the helm chart, which works very well. (Thank you to the community) I am then providing these certificates to my other k8s services such as code-server or Elastic Kibana so they can have continuous TLS support. I know that the maximum duration of the certificate is 24h and the renewer is renewing them very well, however, how can I let those services pick up the new certificate instead of the old one? Unlike some applications that have features to either manually/automatically reload certificates, code-server (Visual Studio code) does not seem to have a reload method. As a result, the only way I can think of right now is to manually restart a pod which is not ideal. @maraino in my previous issue suggested me to include an inotify-based tool in the docker image to monitor the certificate renewal, then modify code-server code (Node.js) to reload the certificate. I am not very familiar with the idea, so I would really appreciate your help! Thanks! |
Beta Was this translation helpful? Give feedback.
Replies: 1 comment
-
As an alternative solution, I resolved this issue by increasing the duration to one year in Configmap by following below. |
Beta Was this translation helpful? Give feedback.
As an alternative solution, I resolved this issue by increasing the duration to one year in Configmap by following below.