Wowza Community

Mechanism for jks reload on vhost

Hi all, am intending to push a letsencypt cert to wowza when it’s updated. Is there any mechanism for forcing it to recognise/reload the updated JKS file for a vhost? This is on a live service so a restart isn’t an option.

Any answers appreciated!

Hi Tony,

Thank you for reaching out via our Community Forum. Best practices require a server restart for an updated VHost.xml and/or new .jks to be adopted. It is common, as part of best practices, to have regular planned downtime for maintenance.

Thanks but that’s poor. It rules out using certbot/letsencrypt in critical services - we can’t have downtime which will kick all users off a busy platform. I’ll use a single domain cert specifically for wowza instead, but this should be flagged as a future improvement for wowza as the scenario is likely to become more common especially given the trend towards more frequent cert rotation.