HTTPS-only mode (is briefly mentioned and I recommend to LWN readers)

Posted Jun 15, 2024 2:20 UTC (Sat) by dskoll (subscriber, #1630)
In reply to: HTTPS-only mode (is briefly mentioned and I recommend to LWN readers) by Cyberax
Parent article: Firefox 127.0 released

A lot of services read the certificate once during startup, so you also need to restart them

Yup, that's also scripted. It's a bit of a pain to set up, but once it's set up, it just runs on its own. Basically, each machine has a script that knows how to reload relevant services if a certificate has been updated; the sync script runs that script iff the cert has actually been updated.

And dockerized services that might need an image rebuild.

"Doctor, it hurts when I do that!" "Then don't do that!"