Re: [DEV] ssl bind_conf per certificat

Emmanuel Hocdet Fri, 13 Jan 2017 02:08:26 -0800

This patch implement ‘curves’ ssl parameter for bind and crt-list.

It’s for 1.8dev.

0001-MINOR-ssl-add-curve-suite-for-ECDHE-negotiation.patch
Description: Binary data

Le 13 janv. 2017 à 11:01, Emmanuel Hocdet <m...@gandi.net> a écrit :

This patch implement the ssl bind configuration per certificat.
It’s for 1.8dev.

for example:

haproxy.cfg:
bind :443 ssl strict-sni crt-list /etc/haproxy/crtlist.cfg

crtlist.cfg:
mycert.pem [alpn h2,http/1.1] h2.mydom.net
mycert.pem [verify required ca-file ca-admin.pem] admin.mydom.net
mycert.pem # legacy ssl for all others SNI find in CN/SAN in mycert.pem
othercert.pem [alpn http/1.1]

<0001-MAJOR-ssl-bind-configuration-per-certificat.patch>

Re: [DEV] ssl bind_conf per certificat

Reply via email to