Comment by remram
4 years ago
Unfortunately this also fails in interesting ways...
Just recently, I let one of my certificates expire. The cronjob correctly renewed it, but nginx was not reloaded and kept using the previous certificate. This had never happened before, because I would usually make changes regularly and trigger a reload, which would load the new certificate. Therefore this website had run without issues for 2 years with an incomplete renewal configuration until it finally broke...
Yes, we had lots of issues with nginx serving stale configuration, sometimes even after a reload. I learned to distrust nginx's reload and use two or three nginx servers so I could restart one after updating configs.