The problem with reloading SSL configuration is that if there is a problem with one of your certs, say a permission issue, ATS will unload all the certs from the running process and still accept traffic, causing SSL errors.

Being able to reload just the keys is much safer than trying to reload the world, or configs that have changed. Especially since key rotation will likely be automatic on a schedule.

-Bret

On Tue, Aug 4, 2015 at 8:56 PM, James Peach <jpe...@apache.org> wrote:

> > On Aug 4, 2015, at 3:30 PM, Nikhil Marathe <nmara...@linkedin.com.INVALID> wrote:
> >
> > Hi,
> >
> > This is Nikhil from Linkedin Engineering.
> >
> > A Key Rotation feature has been added to TLS session tickets; details:
> > http://comments.gmane.org/gmane.comp.apache.trafficserver.devel/2084
> >
> > At present, this feature relies on periodic execution of traffic_line -x to
> > reload new keys. However, traffic_line -x reloads the entire configuration, and
> > so has a much wider impact than needed.
> >
> > In order to address this concern and to localize the impact of reloading
> > keys, we would like to propose the following approach:
> >
> > ATS will schedule a periodic continuation which checks the session ticket key
> > file. The reload interval will be records.configurable. If the session
> > ticket key file has been modified, ATS will reload the keys from the file.
>
> Hi Nikhil,
>
> At the time we discussed the need for this and my view is still that it is
> not necessary. Reloading the SSL configuration should be completely
> harmless and it seems very straightforward for the job that populates the
> new keys to call traffic_line at the right time.
>
> cheers,
> James

--
Bret Palsson | https://cobook.co/bretep
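The periodic key-file check proposed in this thread, written so that a failed read leaves the loaded keys in place, as an added example that is not part of the thread and is not Apache Traffic Server code. `TicketKeyStore`, `poll()`, `write_file()` and the file path are hypothetical names, and the file layout (a sequence of 48-byte keys) is an assumption.

```cpp
// Added example, not Apache Traffic Server code; all names here are hypothetical.
#include <sys/stat.h>
#include <cstdio>
#include <string>
#include <vector>
static const size_t KEY_LEN = 48;  // assumption: the file is a sequence of 48-byte ticket keys
enum ReloadResult { UNCHANGED, RELOADED, REJECTED };

class TicketKeyStore {
public:
  explicit TicketKeyStore(const std::string &path) : path_(path), last_() {}
  ReloadResult poll() {  // body of the periodic check; touches only the ticket key file
    struct stat st;
    if (stat(path_.c_str(), &st) != 0) return REJECTED;  // file missing: keep current keys
    if (st.st_mtime == last_.st_mtime && st.st_size == last_.st_size) return UNCHANGED;
    FILE *f = fopen(path_.c_str(), "rb");
    if (!f) return REJECTED;                             // e.g. a permission problem
    std::vector<std::string> staged;                     // parse everything before swapping
    char buf[KEY_LEN];
    size_t n;
    while ((n = fread(buf, 1, KEY_LEN, f)) == KEY_LEN) staged.push_back(std::string(buf, KEY_LEN));
    fclose(f);
    if (n != 0 || staged.empty()) return REJECTED;       // truncated or empty; retried next poll
    keys_.swap(staged);  // a real server would publish this under a lock or atomic pointer
    last_ = st;          // remember mtime and size only after a successful load
    return RELOADED;
  }
  size_t key_count() const { return keys_.size(); }
private:
  std::string path_;
  struct stat last_;
  std::vector<std::string> keys_;
};

static bool write_file(const char *path, size_t n) {  // constructed filler bytes, not key material
  FILE *f = fopen(path, "wb");
  if (f) fputs(std::string(n, 'k').c_str(), f);
  return f && fclose(f) == 0;
}

int main() {
  const char *path = "/tmp/ticket.keys.example";
  TicketKeyStore store(path);
  write_file(path, 2 * KEY_LEN);
  int good = store.poll();
  write_file(path, KEY_LEN + 5);  // constructed truncated rotation
  int bad = store.poll();
  printf("good=%d bad=%d (1=RELOADED, 2=REJECTED) keys=%zu\n", good, bad, store.key_count());
  return remove(path);
}
```

Because the modification time and size are recorded only after a successful load, a file that fails to open or parse is retried on every interval until it is fixed.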