DOC: configuration: issuers-chain-path not compatible with OCSP State that issuers-chain-path is not compatible with OCSP features. Must be backported in every stable version. (cherry picked from commit 8a3e4a608b5cfd50f080d082f21cf5b673fdc292) Signed-off-by: Willy Tarreau <w@1wt.eu> (cherry picked from commit a706f30b8d16642eaa12b167eaea3b9557924ae8) [wt: adj ctx] Signed-off-by: Willy Tarreau <w@1wt.eu> (cherry picked from commit 9eddddd38f9d6c1bc9647c74f30bc843185eb3a8) Signed-off-by: Willy Tarreau <w@1wt.eu>

commit: 61ff613701cdad74a93fbdd0926d75b40242ffcd [log] [tgz]
author: William Lallemand <wlallemand@haproxy.com> Wed Jul 17 17:46:16 2024 +0200
committer: Willy Tarreau <w@1wt.eu> Mon Jul 29 14:55:12 2024 +0200
tree: f783df367d10fb5282c96d5170f177f95d65e47e
parent: f45355ee5ddae53efd8d785c59eab2a491d65a56 [diff]
diff --git a/doc/configuration.txt b/doc/configuration.txt
index abb620c..db218c5 100644
--- a/doc/configuration.txt
+++ b/doc/configuration.txt

@@ -1777,6 +1777,10 @@
   "issuers-chain-path" directory. All other certificates with the same issuer
   will share the chain in memory.
 
+  The OCSP features are not able to use the completed chain from
+  'issuers-chain-path', please use an additionnal .issuer file if you want to
+  achieve OCSP stapling.
+
 limited-quic
   This setting must be used to explicitly enable the QUIC listener bindings when
   haproxy is compiled against a TLS/SSL stack without QUIC support, typically
commit	61ff613701cdad74a93fbdd0926d75b40242ffcd	[log] [tgz]
author	William Lallemand <wlallemand@haproxy.com>	Wed Jul 17 17:46:16 2024 +0200
committer	Willy Tarreau <w@1wt.eu>	Mon Jul 29 14:55:12 2024 +0200
tree	f783df367d10fb5282c96d5170f177f95d65e47e
parent	f45355ee5ddae53efd8d785c59eab2a491d65a56 [diff]