Refresh TLS certificates automatically

Question

Refresh TLS certificates automatically

uhthomas opened this issue a year ago · 0 comments

Describe the bug

Athens supports TLS, but will only read the certificates once on startup. Environments like Kubernetes with cert-manager may automatically rotate the given certificate, where Athens will continue to use the old certificate. There are numerous linked issues:

It may be better for Athens to support this natively. There seems to be a good Go package which facilitates this behaviour:

https://github.com/cloudflare/certinel

Error Message

N/A

To Reproduce

N/A

Expected behavior

Athens should use new certificates if available.

Environment (please complete the following information):

OS: Linux (Kubernetes)
Go version: N/A
Proxy version: v0.12.1
Storage: N/A

Additional context

N/A