Gracefully Reload SSL Certificates

From: Donald Stufft
Subject: Gracefully Reload SSL Certificates
Msg-id: 44264758-4DA9-4710-9338-CF853DA0490C@stufft.io
Responses: Re: Gracefully Reload SSL Certificates (Bruce Momjian <bruce@momjian.us>)
List: pgsql-hackers

Currently replacing the SSL certificates for PostgreSQL requires a full server
restart. However, in the infrastructure for www.python.org (and in the future,
pypi.python.org as well) we use short-lived certificates (1 day) that
automatically get rotated when 75% of their lifetime is used up. This means
that we end up needing to do a full restart of PostgreSQL once a day or so,
which is a disruptive action that causes the site to generate errors while
PostgreSQL shuts down and starts back up.

It would be great if PostgreSQL could load a new SSL certificate with a
graceful reload. This would solve our use case perfectly.

In the interim I'm attempting to work around this problem by sticking stunnel
in between PostgreSQL and the clients and using that to terminate TLS since it
*does* support gracefully reloading certificates.

---
Donald Stufft
PGP: 7C6B 7C5D 5E2B 6356 A926 F04F 6E3C BCE9 3372 DCFA