LISTSERV 16.5 - XROOTD-DEV Archives

Hi,
actually my test setup used to stay up for months without restarts, but... there were no CRLs.
XrdHttpVoms does its own sec business through openssl and libvoms, so it may be that it never reloads
the CRLs, as the init phase is executed only when the plugin is loaded.

I think that the daemon restarts are an effective workaround, which is what e.g. Apache does for the same case. Another workaround is making sure that there are no CRLs around, don't know if this is acceptable.

A more elegant attempt could be to internally reinitialize it every few hours by invoking destroy_SSL_proxy_handler/setup_SSL_proxy_handler, I'll give it a try.

—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub, or mute the thread.

[ { "@context": "http://schema.org", "@type": "EmailMessage", "potentialAction": { "@type": "ViewAction", "target": "https://github.com/xrootd/xrootd/issues/750?email_source=notifications\u0026email_token=AA7NRDWWRPXE2PJ2HYHKNWDQG56ZNA5CNFSM4FFXFYFKYY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOD5NTZQI#issuecomment-526073025", "url": "https://github.com/xrootd/xrootd/issues/750?email_source=notifications\u0026email_token=AA7NRDWWRPXE2PJ2HYHKNWDQG56ZNA5CNFSM4FFXFYFKYY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOD5NTZQI#issuecomment-526073025", "name": "View Issue" }, "description": "View this Issue on GitHub", "publisher": { "@type": "Organization", "name": "GitHub", "url": "https://github.com" } } ]

Use REPLY-ALL to reply to list

To unsubscribe from the XROOTD-DEV list, click the following link:
https://listserv.slac.stanford.edu/cgi-bin/wa?SUBED1=XROOTD-DEV&A=1