Reload SSL certificate without restarting HA?

TL;DR: How to reload the SSL certificate files in HA after they’re renewed by an external process?

I’m running HA in a Docker on a Synology NAS. Everything is working fine, and I recently enabled SSL with a Let’s Encrypt certificate. I manage the renewal of the certificate directly on my NAS. I noticed that after renewal I have to restart HA for the updated certificate files to be reloaded.

I want to avoid having to restart HA upon every certificate renewal (i.e. once every month). Is there any way to do this?

1 Like

Did you figure this out?

Also, did you find a way for HA to access Synology’s certs directly, or are you copying the new certs into the HA folder?

I haven’t figured it out how to reload certificates without restarting HA. In fact, I find this to be the biggest pitfall of HA – it’s too monolithic and requires restarts way too often.

No need to copy the certificate files to HA. Just map the directory where they’re stored to /ssl in the HA docker container (just like the config dir is mapped to /config).

Agreed. I’ve got my DSM SSL mapped to HASS, and I need to restart HASS everytime it’s about to expire. Should be a simple service that we can call to reload it.

Hi guys, Did anyone figure this out?

I’m also running into the same trouble (HA in Docker on Synology NAS, LE certificate expires and have to restart the whole thing).


Nope, still struggling Hass.IO - LetsEncrypt, renewal and reboot - #2 by flightsim

I have not figured this out either (hence how I found this thread) - currently you can reload components of HA, but it seems like it still needs a full restart. Given that my certs are much shorter lived than Letsencrypt, it is a bit of a pain.

My solution: Use the core_nginx_proxy addon to serve HA over HTTPS. Then you can use the following command after deploying new cert/key files to restart the nginx addon without restarting everything else:

$ ha addons restart core_nginx_proxy

This causes the new cert and key to be loaded.