On Sat, Nov 21, 2020 at 07:48:48AM -0300, Joao Morais wrote: > > The attached patch adds some clarification on how one can declare a > proper fallback certificate using crt-list. Feel free to ask me to > tune verbosity to a higher or lower level. >
That's actually a bit confusing, because the first line of a crt-list is not the default certificate. The default certificate is the first certificate declared on a bind line. For example: bind :443 ssl crt default.pem crt-list list1.crtlist bind :443 ssl crt-list list1.crtlist crt-list list2.crtlist In the first case, the fallback certificate will be "default.pem", and in the second case, it will be the fist line of "list1.crtlist". -- William Lallemand
