I would like to use RTR-over-TLS between Routinator and RTRTR. In my environment, this means frequent, automatic certificate reissuance. Are there any plans to support hitlessly reloading certificates in Routinator? I think responding to SIGHUP/SIGUSR1/SIGUSR2 make the most sense for this use case. I see that #200 is considering reloading configuration and restarting validation, but this is a slightly different case: it doesn't require re-reading the configuration file itself, and I do not want to restart validation on such a certificate reissue event.
Obviously, I can restart the process when the certificate has been rolled, but this makes Routinator unavailable for a time while it performs its initial validation. Some way to handle only the TLS certificate changes hitlessly would be fantastic.
I would like to use RTR-over-TLS between Routinator and RTRTR. In my environment, this means frequent, automatic certificate reissuance. Are there any plans to support hitlessly reloading certificates in Routinator? I think responding to SIGHUP/SIGUSR1/SIGUSR2 make the most sense for this use case. I see that #200 is considering reloading configuration and restarting validation, but this is a slightly different case: it doesn't require re-reading the configuration file itself, and I do not want to restart validation on such a certificate reissue event.
Obviously, I can restart the process when the certificate has been rolled, but this makes Routinator unavailable for a time while it performs its initial validation. Some way to handle only the TLS certificate changes hitlessly would be fantastic.