What has to be restarted when the certificate changes?

Gary Mills mills at cc.umanitoba.ca
Thu Sep 9 19:33:55 EDT 2004

On Thu, Sep 09, 2004 at 06:58:38PM -0400, Ken Murchison wrote:
> Gary Mills wrote:
> >When the SSL certificate is about to expire and has to be replaced,
> >is it necessary to restart the Cyrus IMAP server.  There will be new
> >private key and server certificate files.  In case it matters, I'm
> >running cyrus-imapd-2.1.14 with cyrus-sasl-2.1.18.
> Nothing *has* to be restarted.  As each new imapd/pop3d/lmtpd is 
> executed, it will read imapd.conf for the path of the files.  If the 
> paths to the files haven't changed (just the contents), then they 
> *might* be re-read when a running service is reused (for STARTTLS only).

Okay, that seems to explain what I observed.  I replaced the files
without restarting Cyrus.  Everything seemed to work normally, but
we had complaints from people using the pop3s service.  (The silly
e-mail reader just said `Cannot connect to server').  A restart seems
to have fixed it.

-Gary Mills-    -Unix Support-    -U of M Academic Computing and Networking-
Cyrus Home Page: http://asg.web.cmu.edu/cyrus
Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html

More information about the Info-cyrus mailing list