I'm trying to figure out what would be missing to consider server crt-s as crt-lists (as in bind lines) so that they could be listed via "show ssl crt-list" APIs and also managed (essentially renewed) this way.
Exemple: backend foo-using-client-auth default-server check ssl crt /path/to/crt-list ca-file /path/to/my/ca.pem server srv0 192.0.2.1:80 I'd like then to manage this using: set ssl cert <certfile> <payload> The use-case being the following: when integrating with service mesh solutions such as consul-connect, you may want to reduce the disruption occurring when certificates are renewed. And in such kind of solution, they are renewed quite often (once every few tens of hours). In this case the memory space is already allocated etc. so I (naively?) think it probably doesn't hurt too much. What is your point-of-view? -- Pierre