If anybody wants to add to the argument, please feel free at: https://github.com/openssl/openssl/issues/12753

On Sun, Aug 30, 2020 at 17:04, David Arnold <dar@xoe.solutions> wrote:
So, I've research a little in the OpenSSL mailing list, the result of which I want to feed back here:

Users list:

https://www.mail-archive.com/openssl-users@openssl.org/msg79444.html
https://www.mail-archive.com/openssl-users@openssl.org/msg85740.html
https://www.mail-archive.com/openssl-users@openssl.org/msg81582.html

That's all I found. Seems to be a thing, but without much momentum. Hm?
I wonder: is the practice of certificate rolling every 5 minutes still too exotic?
Or didn' t it yet work it's way through the web's institutions?

BR, David

On Thu, Aug 27, 2020 at 16:24, David Arnold <dar@xoe.solutions> wrote:
On Thu, Aug 27, 2020 at 13:18, Howard Chu <hyc@symas.com> wrote:
It sounds like the feature you want (auto-refresh an expired cert) should be implemented in the TLS library itself.

You are right, I'll be attempting to go down this branch.