Does grpc C++ server support hot SSL certificate reloading?

[srihit...@gmail.com]

The tls credential reload methods present in grpc_security.h say that they are used for experimental purposes now. Are these methods the only way to achieve certificate reloading without restarting the server and the client? Or is there any alternate way I can explore?

[Jeff Steger]

I am interested in the answer to this question as well.

On Thu, Aug 15, 2019 at 3:47 PM <srihit...@gmail.com> wrote:

The tls credential reload methods present in grpc_security.h say that they are used for experimental purposes now. Are these methods the only way to achieve certificate reloading without restarting the server and the client? Or is there any alternate way I can explore?

--
You received this message because you are subscribed to the Google Groups "grpc.io" group.
To unsubscribe from this group and stop receiving emails from it, send an email to grpc-io+u...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/grpc-io/b3b9bac4-856d-4144-8ba8-d920013710a5%40googlegroups.com.

[jian...@google.com]

We have implemented in hot credential reloading in grpc core under grpc_tls_spiffe credentials. We are in the middle of wrapping with C++ so that C++ caller can use it. It should be ready this Q3.

On Friday, August 16, 2019 at 6:55:48 PM UTC-7, Jeff wrote:

I am interested in the answer to this question as well.

On Thu, Aug 15, 2019 at 3:47 PM <srihi...@gmail.com> wrote:

The tls credential reload methods present in grpc_security.h say that they are used for experimental purposes now. Are these methods the only way to achieve certificate reloading without restarting the server and the client? Or is there any alternate way I can explore?

--
You received this message because you are subscribed to the Google Groups "grpc.io" group.

To unsubscribe from this group and stop receiving emails from it, send an email to grp...@googlegroups.com.