Signed-off-by: Nenad Merdanovic <[email protected]> --- doc/configuration.txt | 8 ++++++++ 1 file changed, 8 insertions(+)
diff --git a/doc/configuration.txt b/doc/configuration.txt index bb7d567..abe592b 100644 --- a/doc/configuration.txt +++ b/doc/configuration.txt @@ -8969,6 +8969,14 @@ tfo need to build HAProxy with USE_TFO=1 if your libc doesn't define TCP_FASTOPEN. +tls-ticket-keys <keyfile> + Sets the TLS ticket keys file to load the keys from. The keys need to be 48 + bytes long, encoded with base64 (ex. openssl rand -base64 48). Number of keys + is specified by the TLS_TICKETS_NO build option (default 3) and at least as + many keys need to be present in the file. Last TLS_TICKETS_NO keys will be + used for decryption and only the last one for encryption. This enables easy + key rotation by just appending new key to the file and reloading the process. + transparent Is an optional keyword which is supported only on certain Linux kernels. It indicates that the addresses will be bound even if they do not belong to the -- 2.1.4
