[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: slapd and LetsEncrypt certificates: does a cert renewal necessitate a server restart?

Jean-Francois Malouin <Jean-Francois.Malouin@bic.mni.mcgill.ca> writes:

> As the subject say, I'm contemplating the use of LetsEncrypt TLS certificates.
> Is there a way to make slapd aware of a cert renewal (they happen every 90
> days) without restarting it, ie, with minimal service interruption?

I *do* restart slapd after I installed the new Let's Encrypt

I doubt there are any other way to make LDAp server aware of the
certificate change. And this is a 20 seconds interruption, nothing worth
mentioning (or you are a big organization, then you have redundant LDAP
servers and you would upgrade one at a time so it should be transparent
to your users).

Best regards,


> thanks,
> jf