Lower cert renewal to 4 hours
The default https://github.com/DNSCrypt/dnscrypt-proxy/blob/master/dnscrypt-proxy/example-dnscrypt-proxy.toml does: cert_refresh_delay = 240 to refresh the cert every 4 hours, but encrypted-dns-server defaults to every 8 hours. So anyone using the default example-dnscrypt-proxy.toml settings to connect to an encrypted-dns-server instance will start getting those "No useable certificate found" errors after 4 hours. Probably should lower the refresh here to 4 hours, unless I missed a config directive for encrypted-dns-server that'll do it. If there's not a config directive, could create one that allows changing DNSCRYPT_CERTS_RENEWAL using the config, and have it default there to 4 hours.pull/13/head
parent
dfa8ae69fe
commit
9f53b9b78a
Loading…
Reference in New Issue