group.of.nepali.translators team mailing list archive

Thread
Date

[Bug 1828496] Re: service haproxy reload sometimes fails to pick up new TLS certificates

To: group.of.nepali.translators@xxxxxxxxxxxxxxxxxxx
From: Sergio Durigan Junior <1828496@xxxxxxxxxxxxxxxxxx>
Date: Thu, 10 Feb 2022 20:36:45 -0000
Reply-to: Bug 1828496 <1828496@xxxxxxxxxxxxxxxxxx>
Sender: noreply@xxxxxxxxxxxxx

Xenial has reached its end of standard support.

** Changed in: haproxy (Ubuntu Xenial)
       Status: Confirmed => Won't Fix

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1828496

Title:
  service haproxy reload sometimes fails to pick up new TLS certificates

Status in haproxy package in Ubuntu:
  Confirmed
Status in haproxy source package in Xenial:
  Won't Fix
Status in haproxy source package in Bionic:
  Confirmed

Bug description:
  I suspect this is the same thing reported on StackOverflow:

  "I had this same issue where even after reloading the config, haproxy
  would randomly serve old certs. After looking around for many days the
  issue was that "reload" operation created a new process without
  killing the old one. Confirm this by "ps aux | grep haproxy"."

  https://stackoverflow.com/questions/46040504/haproxy-wont-recognize-
  new-certificate

  In our setup, we automate Let's Encrypt certificate renewals, and a
  fresh certificate will trigger a reload of the service. But
  occasionally this reload doesn't seem to do anything.

  Will update with details next time it happens, and hopefully confirm
  the multiple process theory.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/haproxy/+bug/1828496/+subscriptions