diff --git a/include/haproxy/ssl_ckch.h b/include/haproxy/ssl_ckch.h
index dd68662b5..54c3c94a6 100644
--- a/include/haproxy/ssl_ckch.h
+++ b/include/haproxy/ssl_ckch.h
@@ -59,6 +59,7 @@ void ckch_inst_add_cafile_link(struct ckch_inst *ckch_inst, struct bind_conf *bi
 /* ssl_store functions */
 struct cafile_entry *ssl_store_get_cafile_entry(char *path, int oldest_entry);
 X509_STORE* ssl_store_get0_locations_file(char *path);
+int ssl_store_add_uncommitted_cafile_entry(struct cafile_entry *entry);
 struct cafile_entry *ssl_store_create_cafile_entry(char *path, X509_STORE *store);
 void ssl_store_delete_cafile_entry(struct cafile_entry *ca_e);
 int ssl_store_load_ca_from_buf(struct cafile_entry *ca_e, char *cert_buf);
diff --git a/src/ssl_ckch.c b/src/ssl_ckch.c
index 10123b4fa..3664ae624 100644
--- a/src/ssl_ckch.c
+++ b/src/ssl_ckch.c
@@ -961,6 +961,11 @@ struct cafile_entry *ssl_store_get_cafile_entry(char *path, int oldest_entry)
 	return ca_e;
 }
 
+int ssl_store_add_uncommitted_cafile_entry(struct cafile_entry *entry)
+{
+	return (ebst_insert(&cafile_tree, &entry->node) != &entry->node);
+}
+
 X509_STORE* ssl_store_get0_locations_file(char *path)
 {
 	struct cafile_entry *ca_e = ssl_store_get_cafile_entry(path, 0);