fix: TLS cert hot-reload when services change #13

Merged

razvandimescu merged 1 commits from fix/tls-hot-reload into main

2026-03-24 01:46:05 +08:00

Author	SHA1	Message	Date
Razvan Dimescu	1ae2e23bb6	fix: regenerate TLS cert when services change (hot-reload via ArcSwap) HTTPS proxy certs were generated once at startup. Services added at runtime via API or LAN discovery got "not secure" in the browser because their SAN wasn't in the cert. Now the cert is regenerated on every service add/remove and swapped atomically via ArcSwap. In-flight connections are unaffected. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-03-23 16:14:06 +02:00

Author

SHA1

Message

Date

Razvan Dimescu

1ae2e23bb6

fix: regenerate TLS cert when services change (hot-reload via ArcSwap)

HTTPS proxy certs were generated once at startup. Services added at
runtime via API or LAN discovery got "not secure" in the browser
because their SAN wasn't in the cert. Now the cert is regenerated
on every service add/remove and swapped atomically via ArcSwap.
In-flight connections are unaffected.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

2026-03-23 16:14:06 +02:00

fix: TLS cert hot-reload when services change #13

1 Commits