RepoMirrors/haproxy
1
0
Fork 0
mirror of http://git.haproxy.org/git/haproxy.git/ synced 2025-02-18 03:26:55 +00:00
Code Issues Packages Projects Releases Wiki Activity

DOC: ssl: Add information about crl-file option

Browse Source 
When using the crl-file option with multiple Certificate Authority
levels in the CA chain, there must be one CRL per CA or the verify
function on the backend side will raise an "unagle to get certificate
CRL" error (error code 3).

This was required by GitHub issue #1201.
This commit is contained in:
Remi Tricot-Le Breton 2021-05-04 12:22:34 +02:00 committed by William Lallemand
parent 90f2c7f41a
commit 02bd68431b
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
doc/configuration.txt
View File

@ -13373,7 +13373,8 @@ ciphersuites <ciphersuites>
crl-file <crlfile>
This setting is only available when support for OpenSSL was built in. It
designates a PEM file from which to load certificate revocation list used
to verify client's certificate.
to verify client's certificate. You need to provide a certificate revocation
list for every certificate of your certificate authority chain.
crt <cert>
This setting is only available when support for OpenSSL was built in. It