From: Remi Tricot-Le Breton <rlebreton@haproxy.com>
Date: Wed, 14 Apr 2021 14:19:28 +0000 (+0200)
Subject: DOC: ssl: Certificate hot update only works on fronted certificates
X-Git-Url: http://git.haproxy.org/?a=commitdiff_plain;h=1fc55afad6899d1c723e60003826b38d993943cd;p=haproxy-2.1.git

DOC: ssl: Certificate hot update only works on fronted certificates

The CLI's "set ssl cert" command only works on frontend certificates but
the documentation did not specify this limitations yet.

This patch can be backported to all stable branches.

(cherry picked from commit 3445909a63697c46a86961a93fc3e4a79a835b87)
Signed-off-by: Christopher Faulet <cfaulet@haproxy.com>
(cherry picked from commit b45995f611e2f5a644d4136a97b854cb7a79f3d8)
Signed-off-by: Christopher Faulet <cfaulet@haproxy.com>
(cherry picked from commit fd62e46ec88e4c430f209a79f453ccf986d77e5e)
Signed-off-by: Christopher Faulet <cfaulet@haproxy.com>
---

diff --git a/doc/management.txt b/doc/management.txt
index 16de100..4a4714d 100644
--- a/doc/management.txt
+++ b/doc/management.txt
@@ -1797,6 +1797,8 @@ set severity-output [ none | number | string ]
 set ssl cert <filename> <payload>
   This command is part of a transaction system, the "commit ssl cert" and
   "abort ssl cert" commands could be required.
+  This whole transaction system works on any certificate displayed by the
+  "show ssl cert" command, that is only frontend certificates for now.
   If there is no on-going transaction, it will duplicate the certificate
   <filename> in memory to a temporary transaction, then update this
   transaction with the PEM file in the payload. If a transaction exists with