mirror of
https://github.com/haproxy/haproxy.git
synced 2026-02-03 20:39:41 -05:00
f2a545be2c
Add "generate" on/off type keyword to "load" directive to automatically generate certificates as this is done for ACME from ckch_conf_load_pem_or_generate() function which is called if a "crt" keyword is also provide for this directive. Also implement "keytype" to specify the key type used for these certificates. Only "RSA" or "ECDSA" is accepted. This patch also implements "bits" keyword for the "load" directive to specify the private key size used for RSA. For ECDSA, a new "curves" keyword is also provided by this patch to specify the curves to be used for the EDCSA private keys generation. ACME code has been modified to use these new parameters. acme_gen_x509() new function is implemented from acme_gen_tmp_x509() to took an EVP_KEY parameter as unique parameter contraty to acme_gen_tmp_x509() which directly used <tmp_key> global EVP_KEY variable initialized by ACME as temporary key before retreiving its own keys. <tmp_key> is generated by acme_EVP_PKEY_gen() as an 2048 bits RSA key. This latter function is used by ckch_conf_load_pem_or_generate() with the parameters provided by "keytype", "bits" and "curves" to generate the private key before generating the X509 certificate calling acme_gen_x509(). |
||
|---|---|---|
| .. | ||
| design-thoughts | ||
| internals | ||
| lua-api | ||
| 51Degrees-device-detection.txt | ||
| acl.fig | ||
| coding-style.txt | ||
| configuration.txt | ||
| cookie-options.txt | ||
| DeviceAtlas-device-detection.txt | ||
| gpl.txt | ||
| haproxy.1 | ||
| HAProxyCommunityEdition_60px.png | ||
| intro.txt | ||
| lgpl.txt | ||
| linux-syn-cookies.txt | ||
| lua.txt | ||
| management.txt | ||
| netscaler-client-ip-insertion-protocol.txt | ||
| network-namespaces.txt | ||
| peers-v2.0.txt | ||
| peers.txt | ||
| proxy-protocol.txt | ||
| queuing.fig | ||
| regression-testing.txt | ||
| seamless_reload.txt | ||
| SOCKS4.protocol.txt | ||
| SPOE.txt | ||
| WURFL-device-detection.txt | ||
