Page 1 of 1

Support for symlinks

Posted: Sat Oct 09, 2021 7:00 am
by Belly Buster
I have certbot (let's encrypt) installed to provide updated SSL certificates on a periodic basis.

This all works quite well except that the "live" folder is a symlink to a specific versioned file in the "archive" folder.

In the mavens admin console, selecting the symlink file them immediate displays the linked file. The problem is that this file could change when certbot determines the SSL certificate is nearing renewal. As a result if left unnoticed, the mavens client is still pointing to the out of date certificate and any users are given a nasty warning page in the browser.

A small complication would be that the certificate files may change at these random times and the server service would need to know to reload them on an occasional basis (ideally without having to restart the client).

The three fileds affected are SSL key file, SSL certificate file and SSL root certificate file.

Re: Support for symlinks

Posted: Sat Oct 09, 2021 10:49 am
by Kent Briggs
Poker Mavens just passes those file names to the Indy Socket SSL IOHandler component I use when you click the Start button, which in turn passes them to the OpenSSL dll. I suspect OpenSSL loads them into memory at that point. I don't know what I could do on my end to let OpenSSL know they've been updated. Also, symbolic links are handled by the O/S and are oblivious to application programs, so I don't understand how that would be relevant here.

Re: Support for symlinks

Posted: Tue Jan 11, 2022 9:05 pm
by Grim
Using CertBot and LE myself, and there's some manual tinkering every 3 months. As Kent said, it's not really something his software can solve. Well, unless he makes a version that runs on Linux. ;)

Re: Support for symlinks

Posted: Tue Jan 11, 2022 9:06 pm
by Grim
(... and using e.g. Apache)