Dynamic SSL Certificate Storage in HAProxy #309
Labels
enhancement
New feature or request
Comments
|
Hi @fatchan we are working on the big rework of our certificate storage, so we can take full advantage of runtime storage of HAProxy in the future, so it will be a feature in the next release. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Hi, when I add or remove an SSL certificate from HAProxy with dataplaneapi, it seems a reload is required for the changes to take effect.
However, Haproxy 2.1 and 2.2, apparently SSL certificates can be updated and added/removed without requiring a reload:
https://www.haproxy.com/blog/dynamic-ssl-certificate-storage-in-haproxy
https://www.haproxy.com/blog/announcing-haproxy-2-2#dynamic-ssl-certificate-storage
Is it possible for this to be supported in dataplaneapi?
Edit: In the meantime, I have monkey-patched my forks of dataplaneapi and client-native to issue the necessary
ssl certandssl crt-listcommands during storage create and storage delete of ssl certificates. Then, I always set skip_reload=true or force_reload=false. This allows me to add/remove the certificates without a reload.The text was updated successfully, but these errors were encountered: