commit | 842e94ee06c2c1e57078d91c28371248cf471386 | [log] [tgz] |
---|---|---|
author | Emmanuel Hocdet <manu@gandi.net> | Mon Dec 16 16:39:17 2019 +0100 |
committer | William Lallemand <wlallemand@haproxy.org> | Wed Mar 04 11:53:11 2020 +0100 |
tree | e3d5f5cc03f5ea70005e737b5573553772f788af | |
parent | 0214b45a61cd7cfd59d729b23f497a687192cde6 [diff] |
MINOR: ssl: add "ca-verify-file" directive It's only available for bind line. "ca-verify-file" allows to separate CA certificates from "ca-file". CA names sent in server hello message is only compute from "ca-file". Typically, "ca-file" must be defined with intermediate certificates and "ca-verify-file" with certificates to ending the chain, like root CA. Fix issue #404.