How does the manual shared secret rollover work? Does the SmHost.conf file get updated? and when?
The shared secret rollover mechanism is as follows:
So, each time a request is received on an existing connection and the current time is 15 minutes (or more) greater than the "last check time", the trusted host object is checked to see (by checking the shared secret timestamp) if rollover has occurred. If so, the connection is immediately marked as expired, in order to force a new handshake and deliver the new secret to the host. SMHost.conf gets updated to mark this.