So, I've research a little in the OpenSSL mailing list, the result of which I want to feed back here:Users list:That's all I found. Seems to be a thing, but without much momentum. Hm?I wonder: is the practice of certificate rolling every 5 minutes still too exotic?Or didn' t it yet work it's way through the web's institutions?BR, David
On Thu, Aug 27, 2020 at 16:24, David Arnold <dar@xoe.solutions> wrote:On Thu, Aug 27, 2020 at 13:18, Howard Chu <hyc@symas.com> wrote:It sounds like the feature you want (auto-refresh an expired cert) should be implemented in the TLS library itself.You are right, I'll be attempting to go down this branch.