RepoMirrors/haproxy
1
0
Fork 0
mirror of http://git.haproxy.org/git/haproxy.git/ synced 2024-12-14 15:34:35 +00:00
Code Issues Packages Projects Releases Wiki Activity

DOC: configuration: httpclient global option

Browse Source 
Documentation about the 4 options in the global section for the
httpclient:

- httpclient.ssl.verify
- httpclient.ssl.ca-file
- httpclient.resolvers.id
- httpclient.resolvers.prefer
This commit is contained in:
William Lallemand 2022-05-04 18:14:25 +02:00
parent 7c5a7ef32b
commit de1803f8a9
1 changed files with 37 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

37
doc/configuration.txt
View File

@ -1487,6 +1487,43 @@ h1-case-adjust-file <hdrs-file>
See "h1-case-adjust", "option h1-case-adjust-bogus-client" and
"option h1-case-adjust-bogus-server".
httpclient.ssl.ca-file <cafile>
This option defines the ca-file which should be used to verify the server
certificate. It takes the same parameters as the "ca-file" option on the
server line.
By default and when this option is not used, the value is
"@system-ca" which tries to load the CA of the system. If it fails the SSL
will be disabled for the httpclient.
However, when this option is explicitly enabled it will trigger a
configuration error if it fails.
httpclient.ssl.verify [none|required]
Works the same way as the verify option on server lines. If specified to 'none',
servers certificates are not verified. Default option is "required".
By default and when this option is not used, the value is
"required". If it fails the SSL will be disabled for the httpclient.
However, when this option is explicitly enabled it will trigger a
configuration error if it fails.
httpclient.resolvers.id <resolvers id>
This option defines the resolvers section with which the httpclient will try
to resolve.
Default option is the "default" resolvers ID. By default, if this option is
not used, it will simply disable the resolving if the section is not found.
However, when this option is explicitly enabled it will trigger a
configuration error if it fails to load.
httpclient.resolvers.prefer <ipv4|ipv6>
This option allows to chose which family of IP you want when resolving,
which is convenient when IPv6 is not available on your network. Default
option is "ipv6".
insecure-fork-wanted
By default HAProxy tries hard to prevent any thread and process creation
after it starts. Doing so is particularly important when using Lua files of