Hi @pelis,
Yes that indeed was a problem in my first proposal: All the nodes received (at startup) a RED.settings instance, which contained the original (pre-loaded) content of the certificate.pem and privatekey.pem files. When I loaded a renewed file afterwards, the nodes still only had the old original file contents at their disposal.
However in the last version of my code (based on Nick's proposal), all the nodes now have the two new properties available:
And since the settings contain a renewal "function":
This means that now each node can execute that function, to read the (perhaps renewed) files whenever they want. They will receive two buffers that represent the content of both files: