1berry/haproxy
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

DOC: configuration: specify limitations of ACME for 3.2

Browse Source 
Specify the version for which the limitation applies.
This commit is contained in:
William Lallemand 2025-04-16 14:30:45 +02:00
parent 608eb3d090
commit f36f9ca21c
1 changed files with 6 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
doc/configuration.txt
View File

@ -5879,12 +5879,12 @@ The ACME section allows to configure HAProxy as an ACMEv2 client. This feature
is experimental meaning that "expose-experimental-directives" must be in the is experimental meaning that "expose-experimental-directives" must be in the
global section so this can be used. global section so this can be used.
Current limitations: The feature is limited to the HTTP-01 challenge for now. Current limitations as of 3.2: The feature is limited to the HTTP-01 challenge
The current HAProxy architecture is a non-blocking model, access to the disk is for now. The current HAProxy architecture is a non-blocking model, access to
not supposed to be done after the configuration is loaded, because it could the disk is not supposed to be done after the configuration is loaded, because
block the event loop, blocking the traffic on the same thread. Meaning that the it could block the event loop, blocking the traffic on the same thread. Meaning
certificates and keys generated from HAProxy will need to be dumped from that the certificates and keys generated from HAProxy will need to be dumped
outside HAProxy using "dump ssl cert" on the stats socket. from outside HAProxy using "dump ssl cert" on the stats socket.
The generation is not scheduled and must be triggered using the CLI command The generation is not scheduled and must be triggered using the CLI command
"acme renew". "acme renew".