DOC: configuration: add details about crt-store in bind "crt" keyword

Add some details about the certificate storage cache system in the "crt"
bind keyword.

This should be backported to 3.0. Fix issue #2618.

diff --git a/doc/configuration.txt b/doc/configuration.txt
index 01b078abc874590f7c2be94ac0277483d8218352..76a5df0624427f3a3bb2f2773bd9c991221ff8f7 100644 (file)
--- a/doc/configuration.txt
+++ b/doc/configuration.txt
@@ -15945,8 +15945,15 @@ crl-file <crlfile>
   list for every certificate of your certificate authority chain.
 
 crt <cert>
-  This setting is only available when support for OpenSSL was built in. It
-  designates a PEM file containing both the required certificates and any
+  This setting is only available when support for OpenSSL was built in.
+
+  HAProxy uses a cache system, the files are loaded only once in the certificate
+  storage, and each next "crt" keyword will use this cached version. When the
+  certificate was declared in a "crt-store", the certificate storage is
+  populated from there and don't try to load additional files by detecting file
+  extensions.
+
+  It designates a PEM file containing both the required certificates and any
   associated private keys. This file can be built by concatenating multiple
   PEM files into one (e.g. cat cert.pem key.pem > combined.pem). If your CA
   requires an intermediate certificate, this can also be concatenated into this