How to change the TLS certificate/key without restarting the server?

From: raf <raf(at)raf(dot)org>
To: pgsql-admin(at)postgresql(dot)org
Subject: How to change the TLS certificate/key without restarting the server?
Date: 2019-10-17 05:20:42
Message-ID: 20191017052042.ombzxzwzo7xet47t@raf.org
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-admin

Hi,

https://www.postgresql.org/docs/12/ssl-tcp.html says:

"Using a passphrase also disables the ability to
change the server's SSL configuration without a
server restart."

How is key TLS key changed without a server restart?
Is replacing the server.crt/server.key files enough
or is there more to it?

And will existing connections continue to use the old
key until they disconnect?

cheers,
raf

Responses

Browse pgsql-admin by date

  From Date Subject
Next Message Arni Kromić 2019-10-17 07:31:08 Re: Save Session?
Previous Message Gediminas Bazilevičius 2019-10-16 13:19:33 how to hide configuration tab in pgadmin