Hi Eric, please create a GitLab issue for this. I think the rndc reconfig should pick the new cert/key, but I am not sure if we have actually implemented this.
Ondřej -- Ondřej Surý — ISC (He/Him) My working hours and your working hours may be different. Please do not feel obligated to reply outside your normal working hours. > On 9. 9. 2021, at 17:26, Eric Germann via bind-users > <bind-users@lists.isc.org> wrote: > > I’ve implemented DNS over HTTPS on two of my servers to get some experience. > I’m using LetsEncrypt for the cert issuer. > > I ran in to an issue where it appears named only reads them on init. The > cert expired and certbot faithfully renewed it, but was using the old cert it > read at initialization. > > My question is if a “rndc reconfig” will read the new cert when it reloads > the config or do I have to stop and start named to get it to pick it up? > > Thanks > > --- > Eric Germann > ekgermann {at} semperen {dot} com || ekgermann {at} gmail {dot} com > LinkedIn: https://www.linkedin.com/in/ericgermann > Twitter: @ekgermann > Telegram || Signal || Phone +1 {dash} 419 {dash} 513 {dash} 0712 > > GPG Fingerprint: 89ED 36B3 515A 211B 6390 60A9 E30D 9B9B 3EBF F1A1 > > > > > > > > _______________________________________________ > Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe > from this list > > ISC funds the development of this software with paid support subscriptions. > Contact us at https://www.isc.org/contact/ for more information. > > > bind-users mailing list > bind-users@lists.isc.org > https://lists.isc.org/mailman/listinfo/bind-users
_______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users