Certificates renewal in Cowboy

Hi all,

Quick question. I have a Web app running on Cowboy (no NGINX on front). Everything is working fine except when renewing TLS (Let’s Encrypt) certificates. Do I need to restart the application / Cowboy for the new certificates to be used? So far what I have been experiencing is that even when I replace the old certificates by the new ones, I keep getting the old ones.

Thanks!

2 Likes

Replace the old certificate by the new one. After some time (not sure how long, I observed a delay of maybe around 10min sometimes) the new certificate is picked up and used. No need to restart Cowboy.

2 Likes

Looks like default delay is 2 minutes. This can be configured with ssl_pem_cache_clean (SSL Configuration) and there is also clear_pem_cache/0 for immediate check.

5 Likes

So just renewing the cerificates with a cron job should be enough? The server will automatically serve the updated certificate after the ssl_pem_cache_clean delay without requiring any restart?

Thank you @JeyHey for replying!

Thank you @malaire for replying!