#1346 TLS certificates not updated on config+modules reload
Reporter
ge0rg
Owner
Nobody
Created
Updated
Stars
★ (1)
Tags
Priority-Medium
Type-Defect
Status-NeedInfo
ge0rg
on
I'm running a Prosody setup with net_multiplex (among others) and certificates by Let's Encrypt.
After refreshing the certificate files, I run the following:
nc localhost 5582 <<EOF
config:reload()
module:reload("tls")
module:reload("http")
module:reload "net_multiplex"
exit
EOF
However, after that, the old certificates are still served from the server. Only after re-issuing the reload command twice (IIRC only reloading mod_tls is sufficient, but it's been a while), the new certificate will be served.
Zash
on
Thanks for the report.
What version of Prosody did you have?
Changes
tags Status-NeedInfo
ge0rg
on
This was happening with 0.10 nightlies typically some months old. Haven't had a LE rollover yet on 0.11, will try to think of commenting here when it happens.
ge0rg
on
Running Prosody version 0.11 nightly build 39 (2019-03-22, 68faa0c1a99c) on Linux with certificates on different host:port combos.
After config:reload() - no cert updates
After second config:reload() - certificate on XMPP endpoints (c2s, s2s) is updated
module:reload("tls") - no changes after first or second call
module:reload("http") - certificate on :5281 updated
Second module:reload("http") - no further changes
module:reload("net_multiplex") - certificates on all :443 endpoints updated
Now all certs are updated!
Heather Young
on
This is happening on our instance running in Docker. We manage certs in a mounted volume. I can confirm the updated/correct certificate is loaded at /etc/prosody/certs/<domain>.crt. We send SIGHUP to the process and get the following logs:
mod_posix info Received SIGHUP
startup info Reloading configuration file
<domain>.com:tls info Certificates reloaded
but then, when loading the HTTPS endpoint on 5281, the certificate is not updated. What else do we need to do?
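A check for the symptom reported in this thread, as an added example that is not part of the original issue or of Prosody's code: it compares the SHA-256 fingerprint of the leaf certificate on disk with what each direct-TLS port (such as the :5281 and :443 endpoints mentioned above) actually serves after a reload. The function names, the command-line arguments and the localhost endpoints are assumptions; STARTTLS ports (c2s, s2s) are not covered.

```python
import hashlib
import socket
import ssl
import sys

BEGIN, END = "-----BEGIN CERTIFICATE-----", "-----END CERTIFICATE-----"

def fingerprint(der: bytes) -> str:
    """SHA-256 fingerprint of a DER-encoded certificate."""
    return hashlib.sha256(der).hexdigest()

def leaf_der_from_pem(pem: str) -> bytes:
    """First certificate in a PEM file; in a fullchain file that is the leaf."""
    start = pem.index(BEGIN)
    return ssl.PEM_cert_to_DER_cert(pem[start:pem.index(END, start) + len(END)])

def served_der(host: str, port: int, sni: str, timeout: float = 5.0) -> bytes:
    """Certificate presented on a direct-TLS port for the given SNI name."""
    ctx = ssl.create_default_context()
    # Chain validation is off on purpose: the bytes are only compared with
    # the file on disk, and an expired old certificate must still be readable.
    ctx.check_hostname = False
    ctx.verify_mode = ssl.CERT_NONE
    with socket.create_connection((host, port), timeout=timeout) as sock:
        with ctx.wrap_socket(sock, server_hostname=sni) as tls:
            return tls.getpeercert(binary_form=True)

def stale_endpoints(expected_der, endpoints, fetch=served_der):
    """Return (endpoint, served fingerprint or error) for each mismatch."""
    want = fingerprint(expected_der)
    stale = []
    for host, port, sni in endpoints:
        try:
            got = fingerprint(fetch(host, port, sni))
        except OSError as exc:  # includes ssl.SSLError and refused connections
            stale.append(((host, port, sni), f"error: {exc}"))
            continue
        if got != want:
            stale.append(((host, port, sni), got))
    return stale

if __name__ == "__main__":
    cert_path, sni, ports = sys.argv[1], sys.argv[2], sys.argv[3:]
    with open(cert_path) as fh:
        expected = leaf_der_from_pem(fh.read())
    bad = stale_endpoints(expected, [("localhost", int(p), sni) for p in ports])
    for (host, port, name), seen in bad:
        print(f"STALE {host}:{port} sni={name} serving {seen}")
    sys.exit(1 if bad else 0)
```

Saved under a hypothetical name such as `check_certs.py`, it takes the certificate path, the SNI name and the ports to probe, and exits non-zero while any listed listener still serves a different certificate than the one on disk.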