MEDIUM: ssl: ssl-load-extra-del-ext work only with .crt In order to be compatible with the "set ssl cert" command of the CLI, this patch restrict the ssl-load-extra-del-ext to files with a ".crt" extension in the configuration. Related to issue #785. Should be backported where 8e8581e ("MINOR: ssl: 'ssl-load-extra-del-ext' removes the certificate extension") was backported.

commit: 089c13850fe46c9e52db9a84b47f7c6485dd8273 [log] [tgz]
author: William Lallemand <wlallemand@haproxy.com> Fri Oct 23 17:35:12 2020 +0200
committer: William Lallemand <wlallemand@haproxy.org> Fri Oct 23 18:41:08 2020 +0200
tree: f7a8ab4cc65eae06d172a180ba8b92d64f825e0a
parent: 2fbe6940f4cce550928fd665df4a48b9d0df99b5 [diff] [blame]
diff --git a/doc/configuration.txt b/doc/configuration.txt
index 4d413be..5e38889 100644
--- a/doc/configuration.txt
+++ b/doc/configuration.txt

@@ -1377,9 +1377,11 @@
 ssl-load-extra-del-ext
   This setting allows to configure the way HAProxy does the lookup for the
   extra SSL files. By default HAProxy adds a new extension to the filename.
-  (ex: with "foobar.pem" load "foobar.pem.key"). With this option enabled,
+  (ex: with "foobar.crt" load "foobar.crt.key"). With this option enabled,
   HAProxy removes the extension before adding the new one (ex: with
-  "foobar.pem" load "foobar.key").
+  "foobar.crt" load "foobar.key").
+
+  Your crt file must have a ".crt" extension for this option to work.
 
   This option is not compatible with bundle extensions (.ecdsa, .rsa. .dsa)
   and won't try to remove them.
commit	089c13850fe46c9e52db9a84b47f7c6485dd8273	[log] [tgz]
author	William Lallemand <wlallemand@haproxy.com>	Fri Oct 23 17:35:12 2020 +0200
committer	William Lallemand <wlallemand@haproxy.org>	Fri Oct 23 18:41:08 2020 +0200
tree	f7a8ab4cc65eae06d172a180ba8b92d64f825e0a
parent	2fbe6940f4cce550928fd665df4a48b9d0df99b5 [diff] [blame]