mirrors/haproxy
1
0
Fork 0
mirror of https://git.haproxy.org/git/haproxy.git/ synced 2026-05-04 20:46:11 +02:00
Code Issues Projects Releases Wiki Activity

DOC: acme: configuring acme needs a crt file

Browse Source 
Configuring acme in 3.2 needs a certificate on the disk.

To be backported to 3.2
This commit is contained in:
William Lallemand 2025-11-20 12:44:54 +01:00
parent 332dcaecba
commit d6e3e5b3a6
1 changed files with 3 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
doc/configuration.txt
View File

@ -31033,6 +31033,9 @@ Current limitations as of 3.2:
- The feature is limited to the HTTP-01 or DNS-01 challenges for now. HTTP-01
is completely handled by HAProxy, but DNS-01 needs either the dataplaneAPI or
another 3rd party tool to talk to a DNS provider API.
- Configuring acme needs a configuration with a crt, it's currently not
possible to start without this crt on the disk, a key-pair must already exist
to start haproxy. It is recommanded to use an expired certificate for that.
- The current HAProxy architecture is a non-blocking model, access to the disk
is not supposed to be done after the configuration is loaded, because it
could block the event loop, blocking the traffic on the same thread. Meaning