William Lallemand
William Lallemand
@vkssv please don't close the tickets until the fixes are backported in all branches that are concerned.
OPTIONS and TRACE could be done easily, however I don't think CONNECT could. The httpclient is meant to process 1 HTTP request and response, so things like CONNECT or websockets...
No, but contributions are welcome.
You are not using HAProxy correctly, `ca-file` is meant to be used as a CA when doing client authentication.
Could be good to know what haproxy version you are testing. No idea how QUIC interop is supposed to work but we know that other implementations than OpenSSL and quictls...
0-RTT is not implemented in LibreSSL, and they don't intend to support it, it is considered insecure by the libreSSL developers
Hello, I can't reproduce your problem. Could you provide logs? That would be difficult to determine what's going on without them. Also you should try to test using a curl...
@FedericoCeratto there are already plenty of solutions which use a separated client indeed, certbot, acme.sh etc which works well once correctly configured. But this ticket is about a builtin ACME...
quick note about this, a builtin ACME client won't be released for now, however I made some changes to the deployment script of acme.sh to be able to use the...
> Maybe an intermediate solution would be to put the response challenge in an environment variable so that it doesn't appear in the config itself. The configuration example I wrote...