You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@trafficserver.apache.org by "James Peach (JIRA)" <ji...@apache.org> on 2012/11/01 06:19:13 UTC
[jira] [Commented] (TS-1551) ssl_multicert.config not reread with
traffic_line -x
[ https://issues.apache.org/jira/browse/TS-1551?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13488472#comment-13488472 ]
James Peach commented on TS-1551:
---------------------------------
Ethan, does the SSLConfigParams object get reloaded correctly? If you look at proxy/ProxyConfig.cc, there is an existing mechanism for reloading configuration (very similar to your implementation!). Do you think that this can also be used for SSCertLookup?
I'm not sure I get the need for setTobedestroyed(). It seems like the SSLCert_FreerContinuation should own the refcount and just decrement it. Having a live object with a zero refcount is a bit unconventional. I'm also a bit leery about defaultContext() sometimes taking a refcount ... is that ever dropped?
> ssl_multicert.config not reread with traffic_line -x
> ----------------------------------------------------
>
> Key: TS-1551
> URL: https://issues.apache.org/jira/browse/TS-1551
> Project: Traffic Server
> Issue Type: Bug
> Components: Configuration, SSL
> Affects Versions: 3.2.0
> Environment: RHEL 6
> Reporter: Ethan Lai
> Priority: Minor
> Attachments: ssl_multicert_reload.patch, ssl_multicert_reload.patch-3.2.0
>
>
> Found that "ssl_multicert.config" is marked as modified, but not reread while running traffic_line -x (Reread Config Files).
> Just wondering is this expected behavior or not?
> -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
> [Oct 26 09:59:45.018] Manager {0x7f3c6723d7e0} NOTE: [LocalManager::startProxy] Launching ts process
> [Oct 26 09:59:45.025] Manager {0x7f3c6723d7e0} NOTE: [LocalManager::pollMgmtProcessServer] New process connecting fd '12'
> [Oct 26 09:59:45.025] Manager {0x7f3c6723d7e0} NOTE: [Alarms::signalAlarm] Server Process born
> [Oct 26 09:59:46.066] Server {0x2b500a320680} DEBUG: (ssl) ssl_multicert.config: /usr/local/etc/trafficserver/ssl_multicert.config
> [Oct 26 09:59:46.094] Server {0x2b500a320680} DEBUG: (ssl) mapping 'j1.free888.cloudns.biz' to certificate /usr/local/etc/ats-cert/j1.free888.cloudns.biz-v2.pem
> [Oct 26 09:59:46.096] Server {0x2b500a320680} NOTE: logging initialized[15], logging_mode = 3
> [Oct 26 09:59:46.126] Server {0x2b500a320680} NOTE: traffic server running
> $ sed -i 's/j1.free888.cloudns.biz-v2/j1.free888.cloudns.biz-v3/' /usr/local/etc/trafficserver/ssl_multicert.config
> $ `trafflic_line -x`
> [Oct 26 09:59:59.954] Manager {0x7f3c5ffff700} DEBUG: (rollback) [Rollback::internalUpdate] Moving ssl_multicert.config from version 43 to version 44
> [Oct 26 09:59:59.970] Manager {0x7f3c5ffff700} NOTE: [fileUpdated] ssl_multicert.config file has been modified
> [Oct 26 09:59:59.970] Manager {0x7f3c5ffff700} NOTE: User has changed config file ssl_multicert.config
> -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
> No "DEBUG: (ssl) mapping 'j1.free888.cloudns.biz' to certificate /usr/local/etc/ats-cert/j1.free888.cloudns.biz-v3.pem" message found.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira