Support for symlinks

Add your suggestions for improving Poker Mavens
Post Reply
Belly Buster
Posts: 9
Joined: Thu Aug 23, 2012 12:45 pm

Support for symlinks

Post by Belly Buster »

I have certbot (let's encrypt) installed to provide updated SSL certificates on a periodic basis.

This all works quite well except that the "live" folder is a symlink to a specific versioned file in the "archive" folder.

In the mavens admin console, selecting the symlink file them immediate displays the linked file. The problem is that this file could change when certbot determines the SSL certificate is nearing renewal. As a result if left unnoticed, the mavens client is still pointing to the out of date certificate and any users are given a nasty warning page in the browser.

A small complication would be that the certificate files may change at these random times and the server service would need to know to reload them on an occasional basis (ideally without having to restart the client).

The three fileds affected are SSL key file, SSL certificate file and SSL root certificate file.
Kent Briggs
Site Admin
Posts: 5878
Joined: Wed Mar 19, 2008 8:47 pm

Re: Support for symlinks

Post by Kent Briggs »

Poker Mavens just passes those file names to the Indy Socket SSL IOHandler component I use when you click the Start button, which in turn passes them to the OpenSSL dll. I suspect OpenSSL loads them into memory at that point. I don't know what I could do on my end to let OpenSSL know they've been updated. Also, symbolic links are handled by the O/S and are oblivious to application programs, so I don't understand how that would be relevant here.
Grim
Posts: 87
Joined: Thu Oct 15, 2020 8:11 pm

Re: Support for symlinks

Post by Grim »

Using CertBot and LE myself, and there's some manual tinkering every 3 months. As Kent said, it's not really something his software can solve. Well, unless he makes a version that runs on Linux. ;)
Grim
Posts: 87
Joined: Thu Oct 15, 2020 8:11 pm

Re: Support for symlinks

Post by Grim »

(... and using e.g. Apache)
Post Reply