certman
Go TLS certificate reloading for the standard library http server.
The GetCertificate uses an RWLock

```
func (cm *CertMan) GetCertificate(hello *tls.ClientHelloInfo) (*tls.Certificate, error) {
	cm.mu.RLock()
	defer cm.mu.RUnlock()
	return cm.keyPair, nil
}
```

Is the lock really needed? There is...
The certbot renews certs many days before expiration, so there's really no rush to update certs. Maybe just check for reloading a cert once a day instead of the fs...
I ran into an issue where the certs would stop reloading when we rotated them in our Kubernetes environment. We imported this small library to handle the TLS secret rotations...