Re: Gracefully Reload SSL Certificates

From: Bruce Momjian
Subject: Re: Gracefully Reload SSL Certificates
Date:
Msg-id: 20150408223558.GD22805@momjian.us
Discussion / Source text
In reply to: Gracefully Reload SSL Certificates (Donald Stufft <donald@stufft.io>)
List: pgsql-hackers
On Wed, Apr  8, 2015 at 11:48:11AM -0400, Donald Stufft wrote:
> Currently replacing the SSL certificates for PostgreSQL requires a full server
> restart. However in the infrastructure for www.python.org (and in the future,
> pypi.python.org as well) we use short lived certificates (1 day) that
> automatically get rotated when 75% of their lifetime is used up. This means
> that we end up needing to do a full restart of PostgreSQL once a day or so
> which is a disruptive action that causes the site to generate errors while
> PostgreSQL shuts down and starts back up.
> 
> It would be great if PostgreSQL could load a new SSL certificate with a
> graceful reload. This would solve our use case perfectly.
> 
> In the interim I'm attempting to work around this problem by sticking stunnel
> in between PostgreSQL and the clients and use that to terminate TLS since it
> *does* support gracefully reloading certificates.

This has been discussed before and seemed reasonable:

http://www.postgresql.org/message-id/flat/CAAS3tyLJcv-m0CqfMrrxUjwa9_FKscKuAKT9_L41wNuJZywM2Q@mail.gmail.com#CAAS3tyLJcv-m0CqfMrrxUjwa9_FKscKuAKT9_L41wNuJZywM2Q@mail.gmail.com

--  Bruce Momjian  <bruce@momjian.us>        http://momjian.us EnterpriseDB
http://enterprisedb.com
 + Everyone has their own god. +
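What Donald's interim workaround looks like in practice, as an added example that is not code from this thread, from PostgreSQL or from the stunnel project: a POSIX shell helper that measures how much of a certificate's validity window has elapsed, applies the 75% threshold he mentions, and swaps the PEM served by an stunnel instance sitting in front of PostgreSQL, reloading it with SIGHUP instead of restarting the database. The listener port (5433), the PEM path, the PID file path and the `openssl`/GNU `date` tooling are assumptions of the example.

```shell
#!/bin/sh
# Added example, not code from the thread, PostgreSQL or stunnel.
# Assumptions: stunnel listens on 5433 and forwards to PostgreSQL on
# 127.0.0.1:5432, the served cert+key PEM is /etc/stunnel/postgres.pem,
# and stunnel writes its PID to /var/run/stunnel/postgres.pid.

STUNNEL_PEM=/etc/stunnel/postgres.pem
STUNNEL_PID=/var/run/stunnel/postgres.pid

# lifetime_used_pct NOT_BEFORE NOT_AFTER NOW   (all epoch seconds)
# Prints the integer percentage of the validity window already elapsed.
lifetime_used_pct() {
    nb=$1; na=$2; now=$3
    total=$((na - nb))
    if [ "$total" -le 0 ]; then echo 100; return 0; fi   # degenerate window: treat as expired
    elapsed=$((now - nb))
    if [ "$elapsed" -lt 0 ]; then elapsed=0; fi           # clock says cert is not yet valid
    echo $(( elapsed * 100 / total ))
}

# needs_rotation NOT_BEFORE NOT_AFTER NOW
# Succeeds once 75% or more of the lifetime is used (the threshold from the thread).
needs_rotation() {
    [ "$(lifetime_used_pct "$1" "$2" "$3")" -ge 75 ]
}

# cert_window_epoch CERT.pem  ->  "NOT_BEFORE NOT_AFTER" as epoch seconds.
# Uses openssl(1) and GNU date(1); both are assumed to be on the host.
cert_window_epoch() {
    nb=$(openssl x509 -noout -startdate -in "$1" | sed 's/^notBefore=//')
    na=$(openssl x509 -noout -enddate   -in "$1" | sed 's/^notAfter=//')
    echo "$(date -d "$nb" +%s) $(date -d "$na" +%s)"
}

# write_stunnel_conf FILE: server-mode TLS terminator in front of PostgreSQL.
write_stunnel_conf() {
    cat > "$1" <<EOF
pid = $STUNNEL_PID
[postgres]
accept  = 5433
connect = 127.0.0.1:5432
cert    = $STUNNEL_PEM
EOF
}

# rotate_stunnel NEW.pem: install the new cert+key atomically, then SIGHUP
# stunnel so it re-reads its configuration. Established sessions keep
# running; new connections get the new certificate. PostgreSQL is untouched.
rotate_stunnel() {
    cp "$1" "$STUNNEL_PEM.new"
    chmod 600 "$STUNNEL_PEM.new"
    mv "$STUNNEL_PEM.new" "$STUNNEL_PEM"      # rename(2) is atomic within one filesystem
    kill -HUP "$(cat "$STUNNEL_PID")"
}

# maybe_rotate NEW.pem: the body of a periodic job. Rotates only when the
# currently served certificate has consumed 75% of its lifetime.
# (Obtaining NEW.pem from the CA is outside this example.)
maybe_rotate() {
    new=$1
    set -- $(cert_window_epoch "$STUNNEL_PEM")
    if needs_rotation "$1" "$2" "$(date +%s)"; then
        rotate_stunnel "$new"
    fi
}
```

Two caveats for anyone copying this. First, libpq negotiates TLS inside its own protocol (it sends an SSLRequest packet and expects an `S`/`N` byte before the handshake) rather than opening a raw TLS connection, so a plain stunnel listener like the one above only works for clients that speak cleartext into a tunnel, for example psql with `sslmode=disable` pointed at a local stunnel client instance; keep the stunnel-to-PostgreSQL hop on localhost or a trusted network. Second, PostgreSQL 10 and later reload `ssl_cert_file` and `ssl_key_file` on SIGHUP (`pg_ctl reload`), which makes the stunnel layer unnecessary on those versions.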



In the pgsql-hackers list, by date sent:

Previous
From: Donald Stufft
Date:
Subject: Gracefully Reload SSL Certificates
Next
From: Michael Paquier
Date:
Subject: Re: New error code to track unsupported contexts