ntpd Certificate Loading
Hal Murray
hmurray at megapathdsl.net
Tue Jun 9 09:01:15 UTC 2020
mikie.simpson at gmail.com said:
> I used to have a symlink into /etc/ntp from /etc/letsencrypt/live... which
> worked until the recent changes.
Do you have old log files? Can you find a case with the old setup where your
ntpd reloaded the updated certificate and key?
The recent change was added so the initial load of cert+key would be post
drop-root so the owner for the initial load would be the same as a reload.
The idea was that ntpd would crash at startup if it wouldn't be able to read a
new cert+key. (That assumes the new cert+key will have the same owner/mode as
the current files.)
--
These are my opinions. I hate spam.
More information about the devel
mailing list