| From: | Bob Ross <bob(dot)ross(dot)19821(at)gmail(dot)com> |
|---|---|
| To: | pgpool-hackers(at)lists(dot)postgresql(dot)org |
| Subject: | Rotate SSL certificates on reload (SIGHUP) without restart |
| Date: | 2025-10-23 05:02:59 |
| Message-ID: | CAHtZvrddqfbnERYY_DqgURWCjuXeTjM0y08k-ZP_B0bAHYx2ag@mail.gmail.com |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgpool-hackers |
Hello,
Please consider adding support for rotating SSL certificates on reloading
pgpool2 (i.e., sending SIGHUP to the pgpool parent), so that certificate
rotations do not require a full service restart. PostgreSQL can pick up new
certificates on reload/SIGHUP; pgpool currently requires a restart, which
causes connection disruptions.
*Current behavior:*
- Replace certificate/key files used by pgpool (e.g., server.crt,
server.key, related CA chain).
- Run systemctl reload pgpool2 (send SIGHUP to the pgpool parent).
- Observations: Existing and new client connections continue to present
the old certificate. Only systemctl restart pgpool2 applies the new certs
(causing connection interruptions).
*Expected behavior:*
- After systemctl reload pgpool2 / SIGHUP, pgpool should re-read
SSL-related configuration (server cert, private key, chain/CA, CRL if
configured) and use them for new client connections, without requiring a
full restart.
- Existing connections can continue with the old context; only new
handshakes should use the updated materials.
- If reload fails, log a clear error and keep using the previous context
to avoid breaking clients.
- Consider parity with PostgreSQL’s SIGHUP behavior for certificate
reloads where feasible.
Regards,
Bob Ross
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tatsuo Ishii | 2025-10-24 04:44:47 | Re: Rotate SSL certificates on reload (SIGHUP) without restart |
| Previous Message | Tatsuo Ishii | 2025-10-03 12:19:57 | Re: [pgpool-hackers: 4583] Fix time_t warnings on OpenBSD |