Hi there, I have Tyk Standalone self hosted running and it works just perfect with the provided certificates located at the configured location.
The certificates are automatically refreshed by letsencrypt process and updated at the corresponding location in the filesystem.
However, it looks to me that Tyk does not refrehs the same and uses the old ones further up until they expired and no access is possible anymore. After a Tyk restrate it works again properly with the new certificates.
Is it possible to have Tyk to refresh the certs automatically eg. on a daily basis?
TLS certificates are loaded when the Gateway starts, and it doesn’t automatically pick up changes if the certificate files are updated on disk. This is because Tyk caches certificates in memory for performance reasons. So even though Let’s Encrypt renews the certificates correctly, Tyk will keep using the old ones until the Gateway is restarted.
At the moment, there isn’t a way for Tyk to refresh TLS certificates automatically without a restart. To refresh certificates on a regular basis (for example, daily), this would require automating a controlled Gateway restart after the certificate renewal completes.