dstack icon indicating copy to clipboard operation
dstack copied to clipboard
verified publisher icon dstackai

Clean up unused TLS certificates on gateways

Open jvstme opened this issue 1 year ago • 12 comments

Problem

TLS certificates are never deleted on gateways. Even if a certificate was issued for a service that is no longer running and may never run again, the certificate is still stored on disk and updated regularly (every 3 months by default), wasting resources and CA limits.

Solution

Automatically delete the certificates that have not been used for any services for some time, e.g. 2 weeks.

(keeping a certificate for some time after its service has been stopped is useful to avoid reissuing it if the service is soon restarted with the same name)

jvstme avatar Mar 19 '24 10:03 jvstme

This issue is stale because it has been open for 30 days with no activity.

peterschmidt85 avatar Apr 19 '24 01:04 peterschmidt85

This issue was closed because it has been inactive for 14 days since being marked as stale.

peterschmidt85 avatar May 03 '24 01:05 peterschmidt85

Still relevant

jvstme avatar May 03 '24 08:05 jvstme

This issue is stale because it has been open for 30 days with no activity.

peterschmidt85 avatar Jun 03 '24 01:06 peterschmidt85

This issue is stale because it has been open for 30 days with no activity.

peterschmidt85 avatar Jul 06 '24 01:07 peterschmidt85

This issue was closed because it has been inactive for 14 days since being marked as stale. Please reopen the issue if it is still relevant.

peterschmidt85 avatar Jul 20 '24 01:07 peterschmidt85