Hi Eric,
please create a GitLab issue for this. I think the rndc reconfig should pick
the new cert/key, but I am not sure if we have actually implemented this.
Ondřej
--
Ondřej Surý — ISC (He/Him)
My working hours and your working hours may be different. Please do not feel
obligated to reply outside your normal working hours.
> On 9. 9. 2021, at 17:26, Eric Germann via bind-users
> <bind-users@lists.isc.org> wrote:
>
> I’ve implemented DNS over HTTPS on two of my servers to get some experience.
> I’m using LetsEncrypt for the cert issuer.
>
> I ran in to an issue where it appears named only reads them on init. The
> cert expired and certbot faithfully renewed it, but was using the old cert it
> read at initialization.
>
> My question is if a “rndc reconfig” will read the new cert when it reloads
> the config or do I have to stop and start named to get it to pick it up?
>
> Thanks
>
> ---
> Eric Germann
> ekgermann {at} semperen {dot} com || ekgermann {at} gmail {dot} com
> LinkedIn: https://www.linkedin.com/in/ericgermann
> Twitter: @ekgermann
> Telegram || Signal || Phone +1 {dash} 419 {dash} 513 {dash} 0712
>
> GPG Fingerprint: 89ED 36B3 515A 211B 6390 60A9 E30D 9B9B 3EBF F1A1
>
>
>
>
>
>
>
> _______________________________________________
> Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
> from this list
>
> ISC funds the development of this software with paid support subscriptions.
> Contact us at https://www.isc.org/contact/ for more information.
>
>
> bind-users mailing list
> bind-users@lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
ISC funds the development of this software with paid support subscriptions.
Contact us at https://www.isc.org/contact/ for more information.
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
