Reload SSL certificate

If your UnrealIRCd is up and running but you have a question about it, then use this forum.
(NOT for installation or connecting issues! Use the other forum instead.)

Moderator: Supporters

Locked
rakiru
Posts: 2
Joined: Mon Nov 02, 2015 10:59 pm

Reload SSL certificate

Post by rakiru » Mon Nov 02, 2015 11:14 pm

Does UnrealIRCd 4 allow you to reload the SSL certificate without a restart? I know 3.X can't, as explained in this ticket, but as the codebase for 4 has seen a lot of refactoring, I'm wondering if this has changed.

If it hasn't, I'll create a new ticket for the feature request. Existing connections can continue to use the one they connected to (it doesn't matter to them if the certificate has expired after initial connection), but new connections should use the new cert. Some CAs don't offer certs that last as long as an IRCd generally lives between restarts, and it's been suggested that shorter lifetimes are going to become even more common.

Syzop
UnrealIRCd head coder
Posts: 1957
Joined: Sat Mar 06, 2004 8:57 pm
Location: .nl
Contact:

Re: Reload SSL certificate

Post by Syzop » Wed Nov 04, 2015 9:25 pm

I see the bug report you quote is closed by Stskeeps in 2005. I added support for this in 2006 (so 3.2.x).
You can reload the SSL certificate with "/REHASH -ssl"

Code: Select all

commit 05f5cfe02b197873c5eb6c09e978a787b4bda4bd
Author: Bram Matthys <syzop@vulnscan.org>
Date:   Sun Aug 20 23:05:55 2006 +0000

    - The server SSL certificate and private key can now be reloaded without requiring a server
      restart, simply use: /REHASH -ssl

rakiru
Posts: 2
Joined: Mon Nov 02, 2015 10:59 pm

Re: Reload SSL certificate

Post by rakiru » Fri Nov 06, 2015 6:27 am

Ah, thanks a lot. The only relevant thing I could find on Google was that bug report, so I just assumed it was still the case.

Locked