Using letsencrypt,


aardbol...@gmail.com

May 31, 2018, 3:22:01 AM
to OpenVidu
Hi,

We're using Let's Encrypt for our SSL certificate in a Docker environment.
Let's Encrypt certificates have to be renewed every 3 months.

I made a script that, when certbot generates a new SSL certificate, automatically generates a JKS and CRT key.

Once the new JKS and CRT certificates are created, I have to restart the Docker container; otherwise the new certificate will not be activated.


Is it possible to reload the OpenVidu Docker container instead of restarting it?


Best regards,

Pablo

May 31, 2018, 4:52:06 AM
to OpenVidu
Hi,

Docker containers don't have a "reload" option, they can only be restarted. The strategy followed by the users who don't want to stop containers when renewing their certificates is to install a proxy service in front of their containers and configure the certificate inside the proxy instead of the process inside the container (in fact our official OpenVidu CloudFormation template does it this way by using Nginx). You should redirect all the traffic to the OpenVidu Server container through the proxy, of course. And you can launch openvidu-server to be served without SSL just by adding an environment variable in the docker run command: -e server.ssl.enabled=false

This way you would have the following architecture:

Browser     --- https ---->     Proxy(+cert)     --- http --->      OpenVidu Server Docker container (no certificate at all)

Regards
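
The proxy layout described in the reply above, sketched as an Nginx server block. This is an added example, not part of the original thread and not OpenVidu's own configuration; the hostname `openvidu.example.com`, the certbot certificate paths and the upstream address `127.0.0.1:4443` are assumptions.

```nginx
# Added example (not from the thread): TLS terminates at Nginx and
# openvidu-server runs with -e server.ssl.enabled=false behind it.
# Assumed values: hostname, certificate paths, upstream port 4443.

server {
    listen 443 ssl;
    server_name openvidu.example.com;

    # certbot keeps these "live" paths stable across renewals, so a
    # renewal only needs an Nginx reload, not a container restart.
    ssl_certificate     /etc/letsencrypt/live/openvidu.example.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/openvidu.example.com/privkey.pem;
    ssl_protocols       TLSv1.2 TLSv1.3;

    location / {
        # Plain HTTP hop to the container, reachable on loopback only.
        proxy_pass http://127.0.0.1:4443;

        # OpenVidu clients use a WebSocket connection, so the Upgrade
        # handshake has to pass through the proxy.
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";

        # Tell the backend what the client originally requested.
        proxy_set_header Host $host;
        proxy_set_header X-Forwarded-Proto https;
        proxy_set_header X-Forwarded-For $remote_addr;
    }
}
```

After a renewal, `nginx -s reload` loads the new certificate without touching the container, and certbot can trigger it with `certbot renew --deploy-hook "nginx -s reload"`. Because the proxy-to-container hop is unencrypted, publish the container port on loopback only (for example `-p 127.0.0.1:4443:4443` in the docker run command) so it cannot be reached without going through the proxy.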