Reload SSL certificate without restarting HA?

iliyan · March 24, 2020, 12:46pm

TL;DR: How to reload the SSL certificate files in HA after they’re renewed by an external process?

I’m running HA in a Docker on a Synology NAS. Everything is working fine, and I recently enabled SSL with a Let’s Encrypt certificate. I manage the renewal of the certificate directly on my NAS. I noticed that after renewal I have to restart HA for the updated certificate files to be reloaded.

I want to avoid having to restart HA upon every certificate renewal (i.e. once every month). Is there any way to do this?

lightmaster · May 5, 2020, 10:30am

Did you figure this out?

Also, did you find a way for HA to access Synology’s certs directly, or are you copying the new certs into the HA folder?

iliyan · May 5, 2020, 10:58am

I haven’t figured it out how to reload certificates without restarting HA. In fact, I find this to be the biggest pitfall of HA – it’s too monolithic and requires restarts way too often.

No need to copy the certificate files to HA. Just map the directory where they’re stored to /ssl in the HA docker container (just like the config dir is mapped to /config).

Gerben321 · May 18, 2020, 12:12pm

Agreed. I’ve got my DSM SSL mapped to HASS, and I need to restart HASS everytime it’s about to expire. Should be a simple service that we can call to reload it.

dmircea · January 30, 2021, 11:03pm

Hi guys, Did anyone figure this out?

I’m also running into the same trouble (HA in Docker on Synology NAS, LE certificate expires and have to restart the whole thing).

Thanks

flightsim · August 27, 2021, 10:12pm

Nope, still struggling Hass.IO - LetsEncrypt, renewal and reboot - #2 by flightsim