Hello Fabian/Others,

We were trying to handle the client certificate expiry using the SIGHUP mechanism that invokes tlsreloadcrls(). Just realized that the designated role for this function is to only reload CAs and CRLs and not client certificates. What was the intention behind this ?

I would assume that since the CA certificates are used to sign the client certificates, A re-read / re-cache of just the CA certificates does not make sense as the client certificates were signed by an earlier version of the CA certificate and we are still working with the cached copies.

Thanks

Imtiyaz