
Re: slapd and LetsEncrypt certificates: does a cert renewal necessitate a server restart?



On 9/10/19 3:34 PM, Howard Chu wrote:
> Olivier wrote:
>> Jean-Francois Malouin <Jean-Francois.Malouin@bic.mni.mcgill.ca> writes:
>>
>>> As the subject says, I'm contemplating the use of LetsEncrypt TLS certificates.
>>> Is there a way to make slapd aware of a cert renewal (they happen every 90
>>> days) without restarting it, i.e., with minimal service interruption?
>>
>> I *do* restart slapd after I installed the new Let's Encrypt
>> certificate.
>
> Use ldapmodify to set the new cert in cn=config. No restarts needed.

Nitpicking:
This requires using new file names for cert and key files, doesn't it?

Ciao, Michael.

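The ldapmodify approach from the thread, written out as a certbot deploy hook. This is an added example, not code posted by anyone in the thread. It copies the renewed pair to new timestamped file names, so the file-name question raised above does not have to be settled. Assumptions: `TLS_DIR` and `SLAPD_USER` are hypothetical site settings, and root may bind to slapd with SASL EXTERNAL over `ldapi:///`.

```shell
#!/bin/sh
# Added example, not from the thread: certbot deploy hook for slapd (cn=config).
# Assumed: root can bind with SASL EXTERNAL over ldapi:///; TLS_DIR and
# SLAPD_USER are hypothetical site settings. The CA chain setting is untouched.
TLS_DIR="${TLS_DIR:-/etc/ldap/tls}"

# Print the LDIF that points cn=config at a certificate/key pair ($1, $2).
# Both attributes travel in one modify request.
build_tls_ldif() {
    cat <<EOF
dn: cn=config
changetype: modify
replace: olcTLSCertificateFile
olcTLSCertificateFile: $1
-
replace: olcTLSCertificateKeyFile
olcTLSCertificateKeyFile: $2
EOF
}

# Copy the renewed pair from lineage directory $1 to new names tagged with $2,
# then print "certpath keypath". Runs in a subshell so the umask stays local.
stage_pair() (
    umask 077                      # the key copy is never group/world readable
    cert="$TLS_DIR/cert-$2.pem"
    key="$TLS_DIR/key-$2.pem"
    cp "$1/cert.pem" "$cert" && chmod 0644 "$cert" || exit 1
    cp "$1/privkey.pem" "$key" || exit 1
    # Hand the key to the slapd account only when one is configured.
    [ -z "${SLAPD_USER:-}" ] || chown "$SLAPD_USER" "$key" || exit 1
    printf '%s %s\n' "$cert" "$key"
)

# certbot exports RENEWED_LINEAGE to deploy hooks; do nothing when it is unset.
if [ -n "${RENEWED_LINEAGE:-}" ]; then
    pair=$(stage_pair "$RENEWED_LINEAGE" "$(date +%Y%m%d%H%M%S)") || exit 1
    set -- $pair
    build_tls_ldif "$1" "$2" | ldapmodify -Q -Y EXTERNAL -H ldapi:///
fi
```

Old timestamped copies are left in place; remove them only after confirming that new TLS connections present the renewed certificate.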