show ssl cert
List certificates used on frontends. If a filename is prefixed by an asterisk in the result, it is a part of a transaction that has not yet been committed. Specify a filename to see details about a specific certificate.
HAProxy Enterprise can update an SSL certificate that it loaded into memory at startup. The workflow to update a certificate is:
Start a transaction that uploads the local certificate file into memory using
set ssl cert.
Commit the transaction to update the certificate using
commit ssl cert.
show ssl cert to see the file before and after committing it. Pending files have an asterisk before their names.
View certificates loaded into HAProxy Enterprise's runtime memory:
$ echo "show ssl cert" | socat stdio tcp4-connect:127.0.0.1:9999 # transaction */etc/hapee-2.3/certs/site.pem # filename /etc/hapee-2.3/certs/site.pem
View a specific certificate:
$ echo "show ssl cert */etc/hapee-2.3/certs/site.pem" | socat stdio tcp4-connect:127.0.0.1:9999 Filename: */etc/hapee-2.3/certs/site.pem Status: Unused Serial: 1F5202E02083861B302FFA09045721F07C865EFD notBefore: Aug 12 17:05:34 2020 GMT notAfter: Aug 12 17:05:34 2021 GMT Subject Alternative Name: Algorithm: RSA2048 SHA1 FingerPrint: C2958E4ABDF89447BF0BEDEF43A1A202213B7B4C Subject: /C=US/ST=Ohio/L=Columbus/O=Company/CN=example.local
Next upshow ssl crt-list