In local testing with XRootD v5.5.5, we're not seeing certificate file changes applied to the running service. strace of xrootd shows the certificate files are read from disk (triggered by the refresh thread), but HTTPS clients continue to receive the old certificate.

Is there any other special configuration required to enable this feature? @ccaffy

I'm happy to open a new issue if preferred, but this seemed a place to start. Also while on this path, I noticed the xrd.tlsca noverify could not be combined with setting a refresh interval. It's very clearly documented, but I did not expect it.


Reply to this email directly, view it on GitHub, or unsubscribe.
You are receiving this because you commented.Message ID: <xrootd/xrootd/issues/1678/1673994650@github.com>

[ { "@context": "http://schema.org", "@type": "EmailMessage", "potentialAction": { "@type": "ViewAction", "target": "https://github.com/xrootd/xrootd/issues/1678#issuecomment-1673994650", "url": "https://github.com/xrootd/xrootd/issues/1678#issuecomment-1673994650", "name": "View Issue" }, "description": "View this Issue on GitHub", "publisher": { "@type": "Organization", "name": "GitHub", "url": "https://github.com" } } ]

Use REPLY-ALL to reply to list

To unsubscribe from the XROOTD-DEV list, click the following link:
https://listserv.slac.stanford.edu/cgi-bin/wa?SUBED1=XROOTD-DEV&A=1