DOC: configuration: add the ca-file changes
Add the documentation about the directory support and @system-ca for the
"ca-file" directive.
diff --git a/doc/configuration.txt b/doc/configuration.txt
index cb05fef..e184f4e 100644
--- a/doc/configuration.txt
+++ b/doc/configuration.txt
@@ -13631,7 +13631,9 @@
ca-file <cafile>
This setting is only available when support for OpenSSL was built in. It
designates a PEM file from which to load CA certificates used to verify
- client's certificate.
+ client's certificate. It is possible to load a directory containing multiple
+ CAs, in this case HAProxy will try to load every ".pem", ".crt", ".cer", and
+ .crl" available in the directory.
ca-ignore-err [all|<errorID>,...]
This setting is only available when support for OpenSSL was built in.
@@ -14418,7 +14420,13 @@
ca-file <cafile>
This setting is only available when support for OpenSSL was built in. It
designates a PEM file from which to load CA certificates used to verify
- server's certificate.
+ server's certificate. It is possible to load a directory containing multiple
+ CAs, in this case HAProxy will try to load every ".pem", ".crt", ".cer", and
+ .crl" available in the directory.
+
+ In order to use the trusted CAs of your system, the "@system-ca" parameter
+ could be used in place of the cafile. The location of this directory could be
+ overwritten by setting the SSL_CERT_DIR environment variable.
check
This option enables health checks on a server: