From d6e3e5b3a647f6f1b75293193e4583ab3e6a7106 Mon Sep 17 00:00:00 2001 From: William Lallemand Date: Thu, 20 Nov 2025 12:44:54 +0100 Subject: [PATCH] DOC: acme: configuring acme needs a crt file Configuring acme in 3.2 needs a certificate on the disk. To be backported to 3.2 --- doc/configuration.txt | 3 +++ 1 file changed, 3 insertions(+) diff --git a/doc/configuration.txt b/doc/configuration.txt index 12ae3f90d..9db057d70 100644 --- a/doc/configuration.txt +++ b/doc/configuration.txt @@ -31033,6 +31033,9 @@ Current limitations as of 3.2: - The feature is limited to the HTTP-01 or DNS-01 challenges for now. HTTP-01 is completely handled by HAProxy, but DNS-01 needs either the dataplaneAPI or another 3rd party tool to talk to a DNS provider API. +- Configuring acme needs a configuration with a crt, it's currently not + possible to start without this crt on the disk, a key-pair must already exist + to start haproxy. It is recommanded to use an expired certificate for that. - The current HAProxy architecture is a non-blocking model, access to the disk is not supposed to be done after the configuration is loaded, because it could block the event loop, blocking the traffic on the same thread. Meaning -- 2.47.3