Details
-
Task
-
Resolution: Won't Fix
-
Major - P3
-
None
-
None
-
None
Description
Epic Summary
Summary
Allow servers to begin advertising a new X.509 certificate for subsequent TLS sessions without needing to reboot.
Motivation
X.509 certificates must be periodically rotated. Because industry best practices are moving toward short certificate lifetimes, it is not always feasible to schedule rotation to coincide with planned maintenance.