On 18/05/2016 20:00, Jordan Brown wrote:
On 5/18/2016 10:51 AM, Salz, Rich wrote:
Would it be reasonable to have OpenSSL watch the metadata on the file or
directory and, on change, discard cached certificates and, for a file, reload
the file?
Unlikely to happen :)
Are you saying that
On 18.05.2016 19:51, Salz, Rich wrote:
Is there something I'm missing?
Nope.
From the description of SSL_CTX_load_verify_locations i would have
expected that certificates loaded via the CApath mechanism are loaded
anew for every verification process. If this is not the case an
appropriate
On 5/18/2016 10:51 AM, Salz, Rich wrote:
>> Would it be reasonable to have OpenSSL watch the metadata on the file or
>> directory and, on change, discard cached certificates and, for a file,
>> reload the file?
> Unlikely to happen :)
Are you saying that because nobody is interested in doing
On 5/18/2016 10:52 AM, Scott Neugroschl wrote:
>
> I believe that’s specific to the servers in question. Often you can
> “restart” a server by giving it a SIGHUP. I don’t know if slapd and
> slurpd will respond in the way you want.
>
I'm thinking more of long-running client applications.
I believe that's specific to the servers in question. Often you can "restart"
a server by giving it a SIGHUP. I don't know if slapd and slurpd will respond
in the way you want.
From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf Of
Jordan Brown
Sent: Wednesday, May 18,
> Is there something I'm missing?
Nope.
> Would it be reasonable to have OpenSSL watch the metadata on the file or
> directory and, on change, discard cached certificates and, for a file, reload
> the file?
Unlikely to happen :)
--
Jordan Brown, Oracle Solaris
--
openssl-users mailing list