mirrors/haproxy
1
0
Fork 0
mirror of https://git.haproxy.org/git/haproxy.git/ synced 2025-08-06 15:17:01 +02:00
Code Issues Projects Releases Wiki Activity

DOC: configuration: add details about crt-store in bind "crt" keyword

Browse Source 
Add some details about the certificate storage cache system in the "crt"
bind keyword.

This should be backported to 3.0. Fix issue #2618.
This commit is contained in:
William Lallemand 2024-07-01 12:17:00 +02:00
parent b789cef91f
commit ba37ad41b2
1 changed files with 9 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
doc/configuration.txt
View File

@ -15945,8 +15945,15 @@ crl-file <crlfile>
list for every certificate of your certificate authority chain. list for every certificate of your certificate authority chain.
crt <cert> crt <cert>
This setting is only available when support for OpenSSL was built in. It This setting is only available when support for OpenSSL was built in.
designates a PEM file containing both the required certificates and any
HAProxy uses a cache system, the files are loaded only once in the certificate
storage, and each next "crt" keyword will use this cached version. When the
certificate was declared in a "crt-store", the certificate storage is
populated from there and don't try to load additional files by detecting file
extensions.
It designates a PEM file containing both the required certificates and any
associated private keys. This file can be built by concatenating multiple associated private keys. This file can be built by concatenating multiple
PEM files into one (e.g. cat cert.pem key.pem > combined.pem). If your CA PEM files into one (e.g. cat cert.pem key.pem > combined.pem). If your CA
requires an intermediate certificate, this can also be concatenated into this requires an intermediate certificate, this can also be concatenated into this