haproxy container does not use distro CA certificates by default.

We will add an option to the BackendConfig CRD to use them if desired.

haproxy container does not use distro CA certificates by default.
We will add an option to the BackendConfig CRD to use them if desired.
b3de1a08 · Geoff Simmons · 3e30efd5 · b3de1a08
Commit b3de1a08 authored Nov 10, 2021 by Geoff Simmons
Hide whitespace changes
Inline Side-by-side

Showing with 0 additions and 2 deletions

haproxy.cfg container/haproxy.cfg +0 -2

No files found.
--- a/container/haproxy.cfg
+++ b/container/haproxy.cfg
@@ -7,8 +7,6 @@ global
 	group varnish
        master-worker

-	ca-base /etc/ssl/certs
-
 	# See: https://ssl-config.mozilla.org/#server=haproxy&server-version=2.0.3&config=intermediate
        ssl-default-bind-ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384
        ssl-default-bind-ciphersuites TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256