re: proxy.config.ssl.client.CA.cert.filename Our openssl library build does not contain a CA trust/bundle file in the expected OPENSSLDIR directory. So I have to set the above ATS parameter so ATS can validate origin certificates. The parameter is listed as reloadable in the ATS 9.1.x records.config documentation. However, a reload doesn't seem to 'activate' a lookup against this file. A restart seems to be the only way ATS will begin to validate a cert chain against this file. Just trying to clean up some warnings seen in diags.log. Origin handshakes do complete as verify.server.policy is set to PERMISSIVE
So question is.. Should this param be reloadable or is documentation incorrect ? Thanks!
