WHATSNEW: Add TLS cert reload feature

author Andrew Bartlett <abartlet@samba.org>

Fri, 21 Jul 2023 04:56:49 +0000 (16:56 +1200)

committer Andrew Bartlett <abartlet@samba.org>

Tue, 25 Jul 2023 21:02:35 +0000 (21:02 +0000)
author Andrew Bartlett <abartlet@samba.org>
Fri, 21 Jul 2023 04:56:49 +0000 (16:56 +1200)
committer Andrew Bartlett <abartlet@samba.org>
Tue, 25 Jul 2023 21:02:35 +0000 (21:02 +0000)
diff --git a/WHATSNEW.txt b/WHATSNEW.txt

index 17067eb7e27a616aaacf12b65cc531dcaad89506..4619a5009c4bb3947a289ae118413e0611f37ce2 100644 (file)
--- a/WHATSNEW.txt
+++ b/WHATSNEW.txt
@@ -210,6 +210,16 @@ administrator to use an encrypted connection in the future.
  NOTE WELL: If Samba is accessed via a TLS frontend or load balancer,
  the LDAP request will be regarded as plaintext.
  
+Samba AD TLS Certificates can be reloaded
+-----------------------------------------
+
+The TLS certificates used for Samba's AD DC LDAP server were
+previously only read on startup, and this meant that when then expired
+it was required to restart Samba, disrupting service to other users.
+
+ smbcontrol ldap_server reload-certs
+
+This will now allow these certificates to be reloaded 'on the fly'
  
  ================
  REMOVED FEATURES
author	Andrew Bartlett <abartlet@samba.org>
	Fri, 21 Jul 2023 04:56:49 +0000 (16:56 +1200)
committer	Andrew Bartlett <abartlet@samba.org>
	Tue, 25 Jul 2023 21:02:35 +0000 (21:02 +0000)