Re: Rotate SSL certificates on reload (SIGHUP) without restart

From: Tatsuo Ishii <ishii(at)postgresql(dot)org>
To: bob(dot)ross(dot)19821(at)gmail(dot)com
Cc: pgpool-hackers(at)lists(dot)postgresql(dot)org
Subject: Re: Rotate SSL certificates on reload (SIGHUP) without restart
Date: 2026-03-26 10:19:02
Message-ID: 20260326.191902.1769703442358463290.ishii@postgresql.org
Views: Whole Thread | Raw Message | Download mbox | Resend email
Thread:
Lists: pgpool-hackers

Hi Bob,

> Thank you for the patch! I will look into the patch.

I skimmed through the patch. You changed main.c and child.c to call
SSL_ServerSide_init() so that they reload new SSL parameters. However,
in Pgpool-II there are two more places which could use SSL connection
to PostgreSQL server: health check and streaming replication check. I
suspect they need to call SSL_ServerSide_init() while reloading the
config file. What do you think?

Regards,
--
Tatsuo Ishii
SRA OSS K.K.
English: http://www.sraoss.co.jp/index_en/
Japanese:http://www.sraoss.co.jp

In response to

Responses

Browse pgpool-hackers by date

  From Date Subject
Next Message Bob Ross 2026-03-27 18:16:12 Re: Rotate SSL certificates on reload (SIGHUP) without restart
Previous Message Koshino Taiki 2026-03-26 08:15:54 Proposal: Add lifecheck started status to pcp_watchdog_info.