Hi all, We have a customer who wants to protect a site with client certificates. However the client certificates are created with two different root ca's.
If we configure one CA cert in the ca-file everything works great. When I add the second CA, access for clients with a cert from the first ca are allowed. Clients with certificates from the second ca are refused. If I change the order off CA certificates it's just the other way around. Example off our configuration: --------------------- frontend frontend_with_ca mode http bind 10.11.12.13:443 ssl crt-list /etc/haproxy/crt-list-frontend_with_ca transparent no-tlsv10 no-tlsv11 ca-file /etc/haproxy/trusted_ca.pem verify required --------------------- Is it to possible to allow client certificates from two different root ca's in one frontend? We are using HA-Proxy version 1.8.12 from IUS. Thanks in advance! Kind regards, Coen