From 4153aae9325d5450f90a03a5bad451b9b5ef21cd Mon Sep 17 00:00:00 2001 From: William Lallemand Date: Mon, 4 May 2026 14:40:20 +0200 Subject: [PATCH] DOC: acme: document missing acme-vars and provider-name keywords Both keywords are used with dns-01 and dns-persist-01 challenges to pass information to an external DNS provisioning tool (e.g. the dataplaneAPI) via the "dpapi" sink. provider-name sets the DNS provider identifier and acme-vars passes arbitrary tool-specific variables. Thanks to @oliwer for reporting the issue. Must be backported to 3.2, however previous version don't have "dns-persist-01". --- doc/configuration.txt | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/doc/configuration.txt b/doc/configuration.txt index 1ea7ed3ca..3316db7c9 100644 --- a/doc/configuration.txt +++ b/doc/configuration.txt @@ -32447,6 +32447,16 @@ account-key openssl ecparam -name secp384r1 -genkey -noout -out account.key +acme-vars + Pass arbitrary variables to the external DNS provisioning tool (e.g. the + dataplaneAPI) via the "dpapi" sink. The semantics are tool-specific; refer + to your DNS provisioning tool's documentation. + + This keyword is only meaningful when the challenge type is "dns-01" or + "dns-persist-01". + + See also: "challenge", "provider-name" + bits Configure the number of bits to generate an RSA certificate. Default to 2048. Setting a too high value can trigger a warning if your machine is not @@ -32596,6 +32606,16 @@ profile # Request short-lived certificates profile shortlived +provider-name + Set the DNS provider name passed to the external DNS provisioning tool (e.g. + the dataplaneAPI) via the "dpapi" sink. The accepted values are + tool-specific; refer to your DNS provisioning tool's documentation. + + This keyword is only meaningful when the challenge type is "dns-01" or + "dns-persist-01". + + See also: "challenge", "acme-vars" + reuse-key { on | off } If set to "on", HAProxy won't generate a new private key and will keep the previous one. Rotating private keys is recommended, when enabling this option