On Fri, Feb 14, 2020 at 03:25:48PM +0100, Emmanuel Hocdet wrote: > Hi, > > Is there any hope that this proposal will be considered before HAproxy 2.2? > > ++ > Manu
Hello, I'm ok with the feature itself. I'm still not fond of an "auto-discovery" based on the SKID, but I agree that's probably the most convenient way of doing it for the user. The way it's done we won't be able to change the issuers from the CLI easily, but these files don't change too often so that's not a problem at the moment. Can you add a little bit of explanation on how the discovery of the issuer is done in the documentation? I think we will probably need more information in the "show ssl cert" output in the future so the users can debug this kind of feature easily. Thanks, -- William Lallemand
