From: William Lallemand Date: Wed, 16 Apr 2025 12:30:45 +0000 (+0200) Subject: DOC: configuration: specify limitations of ACME for 3.2 X-Git-Tag: v3.2-dev11~52 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=f36f9ca21c7c430f326cd6b347ad0553d927feae;p=thirdparty%2Fhaproxy.git DOC: configuration: specify limitations of ACME for 3.2 Specify the version for which the limitation applies. --- diff --git a/doc/configuration.txt b/doc/configuration.txt index eb0a4b365..15f944687 100644 --- a/doc/configuration.txt +++ b/doc/configuration.txt @@ -5879,12 +5879,12 @@ The ACME section allows to configure HAProxy as an ACMEv2 client. This feature is experimental meaning that "expose-experimental-directives" must be in the global section so this can be used. -Current limitations: The feature is limited to the HTTP-01 challenge for now. -The current HAProxy architecture is a non-blocking model, access to the disk is -not supposed to be done after the configuration is loaded, because it could -block the event loop, blocking the traffic on the same thread. Meaning that the -certificates and keys generated from HAProxy will need to be dumped from -outside HAProxy using "dump ssl cert" on the stats socket. +Current limitations as of 3.2: The feature is limited to the HTTP-01 challenge +for now. The current HAProxy architecture is a non-blocking model, access to +the disk is not supposed to be done after the configuration is loaded, because +it could block the event loop, blocking the traffic on the same thread. Meaning +that the certificates and keys generated from HAProxy will need to be dumped +from outside HAProxy using "dump ssl cert" on the stats socket. The generation is not scheduled and must be triggered using the CLI command "acme renew".