diff --git a/include/haproxy/ssl_ckch.h b/include/haproxy/ssl_ckch.h
index c8efb56c4..3ec2c3586 100644
--- a/include/haproxy/ssl_ckch.h
+++ b/include/haproxy/ssl_ckch.h
@@ -46,7 +46,11 @@ void ckch_store_free(struct ckch_store *store);
 void ckch_store_replace(struct ckch_store *old_ckchs, struct ckch_store *new_ckchs);
 int ckch_store_load_files(struct ckch_conf *f, struct ckch_store *c, char **err);
 
+/* ckch_conf functions */
+
 int ckch_conf_parse(char **args, int cur_arg, struct ckch_conf *f, int *found, const char *file, int linenum, char **err);
+void ckch_conf_clean(struct ckch_conf *conf);
+
 /* ckch_inst functions */
 void ckch_inst_free(struct ckch_inst *inst);
 struct ckch_inst *ckch_inst_new();
diff --git a/src/ssl_ckch.c b/src/ssl_ckch.c
index b918fc133..e91f42d73 100644
--- a/src/ssl_ckch.c
+++ b/src/ssl_ckch.c
@@ -909,11 +909,7 @@ void ckch_store_free(struct ckch_store *store)
 	ha_free(&store->data);
 
 	/* free the ckch_conf content */
-	free(store->conf.crt);
-	free(store->conf.key);
-	free(store->conf.ocsp);
-	free(store->conf.issuer);
-	free(store->conf.sctl);
+	ckch_conf_clean(&store->conf);
 
 	free(store);
 }
@@ -4208,6 +4204,16 @@ int ckch_conf_parse(char **args, int cur_arg, struct ckch_conf *f, int *found, c
 	return err_code;
 }
 
+/* freeing the content of a ckch_conf structure */
+void ckch_conf_clean(struct ckch_conf *conf)
+{
+	free(conf->crt);
+	free(conf->key);
+	free(conf->ocsp);
+	free(conf->issuer);
+	free(conf->sctl);
+}
+
 static char current_crtstore_name[PATH_MAX] = {};
 
 static int crtstore_parse_load(char **args, int section_type, struct proxy *curpx, const struct proxy *defpx,