Skip to content
This repository has been archived by the owner on Feb 6, 2022. It is now read-only.

Rotate key and cert files without restarting proxy #95

Open
lookuptable opened this issue May 8, 2017 · 1 comment
Open

Rotate key and cert files without restarting proxy #95

lookuptable opened this issue May 8, 2017 · 1 comment
Assignees
Milestone

Comments

@lookuptable
Copy link
Member

Currently, the way we rotate Istio key and certificate is to let a proxy agent watch the files and restart the proxy to pick up the refreshed key and certificate. This is implemented as a short-term solution in istio/old_pilot_repo#663.

Ultimately we need a way to rotate these keys and certificates without restarting proxy. This is currently tracked by this issue (envoyproxy/envoy#891) in upstream Envoy repo.

@wattli
Copy link
Contributor

wattli commented May 8, 2017

@wlu2016

@wattli wattli added this to the Istio 0.3 milestone Aug 16, 2017
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants