Update docs for 3.1

HAProxy Community · HAProxy Community · commit 11cddafd49b9 · 2025-10-02T00:58:13.000Z
diff --git a/docs/3.1/configuration.html b/docs/3.1/configuration.html
@@ -2,7 +2,7 @@
 <html lang="en">
 	<head>
 		<meta charset="utf-8" />
-		<title>HAProxy version 3.1.8-86 - Configuration Manual</title>
+		<title>HAProxy version 3.1.8-145 - Configuration Manual</title>
 		<link href="https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/css/bootstrap.min.css" rel="stylesheet" />
 		<link href="https://raw.githubusercontent.com/thomaspark/bootswatch/v3.3.7/cerulean/bootstrap.min.css" rel="stylesheet" />
 		<link href="../css/page.css?0.4.2-15" rel="stylesheet" />
@@ -3646,6 +3646,8 @@
 							
 							<a class="list-group-item" href="#ssl_bc_session_key">ssl_bc_session_key</a>
 							
+							<a class="list-group-item" href="#ssl_bc_sni">ssl_bc_sni</a>
+							
 							<a class="list-group-item" href="#ssl_bc_unique_id">ssl_bc_unique_id</a>
 							
 							<a class="list-group-item" href="#ssl_bc_use_keysize">ssl_bc_use_keysize</a>
@@ -4430,7 +4432,7 @@
 					You can use <strong>left</strong> and <strong>right</strong> arrow keys to navigate between chapters.<br>
 				</p>
 				<p class="text-right">
-					<small>Converted with <a href="https://github.com/cbonte/haproxy-dconv">haproxy-dconv</a> v<b>0.4.2-15</b> on <b>2025/08/26</b></small>
+					<small>Converted with <a href="https://github.com/cbonte/haproxy-dconv">haproxy-dconv</a> v<b>0.4.2-15</b> on <b>2025/10/01</b></small>
 				</p>
 			</div>
 			<!-- /.sidebar -->
@@ -4441,7 +4443,7 @@
 						<div class="text-center">
                             <h1><a href="http://www.haproxy.org/" title="HAProxy"><img src="../img/HAProxyCommunityEdition_60px.png?0.4.2-15" /></a></h1>
 							<h2>Configuration Manual</h2>
-							<p><strong>version 3.1.8-86</strong></p>
+							<p><strong>version 3.1.8-145</strong></p>
 							<p>
 								2025/06/02<br>
 								
@@ -6806,8 +6808,8 @@ <h2 id="chapter-2.4" data-target="2.4"><small><a class="small" href="#2.4">2.4.<
   - .warning &quot;message&quot; : emit this message at level WARNING
   - .alert &quot;message&quot;   : emit this message at level ALERT
 
-Messages emitted at level WARNING may cause the process to fail to start if the
-&quot;<a href="#strict-mode">strict-mode</a>&quot; is enabled. Messages emitted at level ALERT will always cause a
+Messages emitted at level WARNING may cause the process to fail to start if
+&quot;<a href="#zero-warning">zero-warning</a>&quot; is enabled. Messages emitted at level ALERT will always cause a
 fatal error. These can be used to detect some inappropriate conditions and
 provide advice to the user.
 </pre><div class="separator">
@@ -27181,6 +27183,7 @@ <h3 id="chapter-7.3.4" data-target="7.3.4"><small><a class="small" href="#7.3.4"
 <tr><td ><a href="#7-ssl_bc_server_random">ssl_bc_server_random</a></td><td >binary</td></tr>
 <tr><td ><a href="#7-ssl_bc_session_id">ssl_bc_session_id</a></td><td >binary</td></tr>
 <tr><td ><a href="#7-ssl_bc_session_key">ssl_bc_session_key</a></td><td >binary</td></tr>
+<tr><td ><a href="#7-ssl_bc_sni">ssl_bc_sni</a></td><td >string</td></tr>
 <tr><td ><a href="#7-ssl_bc_use_keysize">ssl_bc_use_keysize</a></td><td >integer</td></tr>
 <tr><td ><a href="#7-ssl_c_ca_err">ssl_c_ca_err</a></td><td >integer</td></tr>
 <tr><td ><a href="#7-ssl_c_ca_err_depth">ssl_c_ca_err_depth</a></td><td >integer</td></tr>
@@ -27189,8 +27192,8 @@ <h3 id="chapter-7.3.4" data-target="7.3.4"><small><a class="small" href="#7.3.4"
 <tr><td ><a href="#7-ssl_c_err">ssl_c_err</a></td><td >integer</td></tr>
 <tr><td ><a href="#7-ssl_c_i_dn">ssl_c_i_dn([&lt;entry&gt;[,&lt;occ&gt;[,&lt;format&gt;]]])</a></td><td >string</td></tr>
 <tr><td ><a href="#7-ssl_c_key_alg">ssl_c_key_alg</a></td><td >string</td></tr>
-<tr><td ><a href="#7-ssl_c_notafter">ssl_c_notafter</a></td><td >string</td></tr>
 <thead><tr><th>keyword</th><th>output type</th></tr></thead>
+<tr><td ><a href="#7-ssl_c_notafter">ssl_c_notafter</a></td><td >string</td></tr>
 <tr><td ><a href="#7-ssl_c_notbefore">ssl_c_notbefore</a></td><td >string</td></tr>
 <tr><td ><a href="#7-ssl_c_r_dn">ssl_c_r_dn([&lt;entry&gt;[,&lt;occ&gt;[,&lt;format&gt;]]])</a></td><td >string</td></tr>
 <tr><td ><a href="#7-ssl_c_s_dn">ssl_c_s_dn([&lt;entry&gt;[,&lt;occ&gt;[,&lt;format&gt;]]])</a></td><td >string</td></tr>
@@ -27210,8 +27213,8 @@ <h3 id="chapter-7.3.4" data-target="7.3.4"><small><a class="small" href="#7.3.4"
 <tr><td ><a href="#7-ssl_f_serial">ssl_f_serial</a></td><td >binary</td></tr>
 <tr><td ><a href="#7-ssl_f_sha1">ssl_f_sha1</a></td><td >binary</td></tr>
 <tr><td ><a href="#7-ssl_f_sig_alg">ssl_f_sig_alg</a></td><td >string</td></tr>
-<tr><td ><a href="#7-ssl_f_version">ssl_f_version</a></td><td >integer</td></tr>
 <thead><tr><th>keyword</th><th>output type</th></tr></thead>
+<tr><td ><a href="#7-ssl_f_version">ssl_f_version</a></td><td >integer</td></tr>
 <tr><td ><a href="#7-ssl_fc">ssl_fc</a></td><td >boolean</td></tr>
 <tr><td ><a href="#7-ssl_fc_alg_keysize">ssl_fc_alg_keysize</a></td><td >integer</td></tr>
 <tr><td ><a href="#7-ssl_fc_alpn">ssl_fc_alpn</a></td><td >string</td></tr>
@@ -27231,8 +27234,8 @@ <h3 id="chapter-7.3.4" data-target="7.3.4"><small><a class="small" href="#7.3.4"
 <tr><td ><a href="#7-ssl_fc_exporter_secret">ssl_fc_exporter_secret</a></td><td >string</td></tr>
 <tr><td ><a href="#7-ssl_fc_early_exporter_secret">ssl_fc_early_exporter_secret</a></td><td >string</td></tr>
 <tr><td ><a href="#7-ssl_fc_err">ssl_fc_err</a></td><td >integer</td></tr>
-<tr><td ><a href="#7-ssl_fc_err_str">ssl_fc_err_str</a></td><td >string</td></tr>
 <thead><tr><th>keyword</th><th>output type</th></tr></thead>
+<tr><td ><a href="#7-ssl_fc_err_str">ssl_fc_err_str</a></td><td >string</td></tr>
 <tr><td ><a href="#7-ssl_fc_has_crt">ssl_fc_has_crt</a></td><td >boolean</td></tr>
 <tr><td ><a href="#7-ssl_fc_has_early">ssl_fc_has_early</a></td><td >boolean</td></tr>
 <tr><td ><a href="#7-ssl_fc_has_sni">ssl_fc_has_sni</a></td><td >boolean</td></tr>
@@ -27252,8 +27255,8 @@ <h3 id="chapter-7.3.4" data-target="7.3.4"><small><a class="small" href="#7.3.4"
 <tr><td ><a href="#7-ssl_fc_use_keysize">ssl_fc_use_keysize</a></td><td >integer</td></tr>
 <tr><td ><a href="#7-ssl_s_der">ssl_s_der</a></td><td >binary</td></tr>
 <tr><td ><a href="#7-ssl_s_chain_der">ssl_s_chain_der</a></td><td >binary</td></tr>
-<tr><td ><a href="#7-ssl_s_key_alg">ssl_s_key_alg</a></td><td >string</td></tr>
 <thead><tr><th>keyword</th><th>output type</th></tr></thead>
+<tr><td ><a href="#7-ssl_s_key_alg">ssl_s_key_alg</a></td><td >string</td></tr>
 <tr><td ><a href="#7-ssl_s_notafter">ssl_s_notafter</a></td><td >string</td></tr>
 <tr><td ><a href="#7-ssl_s_notbefore">ssl_s_notbefore</a></td><td >string</td></tr>
 <tr><td ><a href="#7-ssl_s_i_dn">ssl_s_i_dn([&lt;entry&gt;[,&lt;occ&gt;[,&lt;format&gt;]]])</a></td><td >string</td></tr>
@@ -27458,6 +27461,11 @@ <h3 id="chapter-7.3.4" data-target="7.3.4"><small><a class="small" href="#7.3.4"
 connection was made over an SSL/TLS transport layer. It is useful to decrypt
 traffic sent using ephemeral ciphers. This requires OpenSSL &gt;= 1.1.0, or
 BoringSSL. It can be used in a tcp-check or an http-check ruleset.
+</pre><a class="anchor" name="ssl_bc_sni"></a><a class="anchor" name="7-ssl_bc_sni"></a><a class="anchor" name="7.3.4-ssl_bc_sni"></a><a class="anchor" name="ssl_bc_sni (Using ACLs and fetching samples)"></a><a class="anchor" name="ssl_bc_sni (Fetching samples at Layer 5)"></a><div class="keyword"><b><a class="anchor" name="ssl_bc_sni"></a><a href="#7.3.4-ssl_bc_sni">ssl_bc_sni</a></b> : string</div><pre class="text">This retrieves the Server Name Indication TLS extension (SNI) field that was
+used on the connection to the server. The result (when present) typically is
+a string matching the HTTPS host name (253 chars or less). The main use case
+is for logging and debugging purposes (e.g. figure what SNI was used when the
+connection was established to match it against what the server has seen).
 </pre><a class="anchor" name="ssl_bc_use_keysize"></a><a class="anchor" name="7-ssl_bc_use_keysize"></a><a class="anchor" name="7.3.4-ssl_bc_use_keysize"></a><a class="anchor" name="ssl_bc_use_keysize (Using ACLs and fetching samples)"></a><a class="anchor" name="ssl_bc_use_keysize (Fetching samples at Layer 5)"></a><div class="keyword"><b><a class="anchor" name="ssl_bc_use_keysize"></a><a href="#7.3.4-ssl_bc_use_keysize">ssl_bc_use_keysize</a></b> : integer</div><pre class="text">Returns the symmetric cipher key size used in bits when the outgoing
 connection was made over an SSL/TLS transport layer. It can be used in a
 tcp-check or an http-check ruleset.
@@ -31688,6 +31696,10 @@ <h2 id="chapter-11.1" data-target="11.1"><small><a class="small" href="#11.1">11
                the FD from the unix socket and uses it as if it were the FD
                of an accept(). Should be used carefully.
 
+               Bugs: This protocol is known to be unreliable on macOS because
+               of an issue in the macOS sendmsg(2) implementation. The
+               connection might not be accepted correctly.
+
 'unix@&lt;path&gt;'  following string is considered as a UNIX socket &lt;path&gt;. this
                prefix is useful to declare an UNIX socket path which don't
                start by slash '/'.
@@ -31818,7 +31830,7 @@ <h2 id="chapter-11.3" data-target="11.3"><small><a class="small" href="#11.3">11
 						<br>
 						<hr>
 						<div class="text-right">
-							HAProxy 3.1.8-86 &ndash; Configuration Manual<br>
+							HAProxy 3.1.8-145 &ndash; Configuration Manual<br>
 							<small>, 2025/06/02</small>
 						</div>
 					</div>
diff --git a/docs/3.1/intro.html b/docs/3.1/intro.html
@@ -2,7 +2,7 @@
 <html lang="en">
 	<head>
 		<meta charset="utf-8" />
-		<title>HAProxy version 3.1.8-86 - Starter Guide</title>
+		<title>HAProxy version 3.1.8-145 - Starter Guide</title>
 		<link href="https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/css/bootstrap.min.css" rel="stylesheet" />
 		<link href="https://raw.githubusercontent.com/thomaspark/bootswatch/v3.3.7/cerulean/bootstrap.min.css" rel="stylesheet" />
 		<link href="../css/page.css?0.4.2-15" rel="stylesheet" />
@@ -484,7 +484,7 @@
 					You can use <strong>left</strong> and <strong>right</strong> arrow keys to navigate between chapters.<br>
 				</p>
 				<p class="text-right">
-					<small>Converted with <a href="https://github.com/cbonte/haproxy-dconv">haproxy-dconv</a> v<b>0.4.2-15</b> on <b>2025/08/26</b></small>
+					<small>Converted with <a href="https://github.com/cbonte/haproxy-dconv">haproxy-dconv</a> v<b>0.4.2-15</b> on <b>2025/10/01</b></small>
 				</p>
 			</div>
 			<!-- /.sidebar -->
@@ -495,7 +495,7 @@
 						<div class="text-center">
                             <h1><a href="http://www.haproxy.org/" title="HAProxy"><img src="../img/HAProxyCommunityEdition_60px.png?0.4.2-15" /></a></h1>
 							<h2>Starter Guide</h2>
-							<p><strong>version 3.1.8-86</strong></p>
+							<p><strong>version 3.1.8-145</strong></p>
 							<p>
 								<br>
 								
@@ -2515,7 +2515,7 @@ <h2 id="chapter-4.4" data-target="4.4"><small><a class="small" href="#4.4">4.4.<
 						<br>
 						<hr>
 						<div class="text-right">
-							HAProxy 3.1.8-86 &ndash; Starter Guide<br>
+							HAProxy 3.1.8-145 &ndash; Starter Guide<br>
 							<small>, </small>
 						</div>
 					</div>
diff --git a/docs/3.1/management.html b/docs/3.1/management.html
@@ -2,7 +2,7 @@
 <html lang="en">
 	<head>
 		<meta charset="utf-8" />
-		<title>HAProxy version 3.1.8-86 - Management Guide</title>
+		<title>HAProxy version 3.1.8-145 - Management Guide</title>
 		<link href="https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/css/bootstrap.min.css" rel="stylesheet" />
 		<link href="https://raw.githubusercontent.com/thomaspark/bootswatch/v3.3.7/cerulean/bootstrap.min.css" rel="stylesheet" />
 		<link href="../css/page.css?0.4.2-15" rel="stylesheet" />
@@ -652,7 +652,7 @@
 					You can use <strong>left</strong> and <strong>right</strong> arrow keys to navigate between chapters.<br>
 				</p>
 				<p class="text-right">
-					<small>Converted with <a href="https://github.com/cbonte/haproxy-dconv">haproxy-dconv</a> v<b>0.4.2-15</b> on <b>2025/08/26</b></small>
+					<small>Converted with <a href="https://github.com/cbonte/haproxy-dconv">haproxy-dconv</a> v<b>0.4.2-15</b> on <b>2025/10/01</b></small>
 				</p>
 			</div>
 			<!-- /.sidebar -->
@@ -663,7 +663,7 @@
 						<div class="text-center">
                             <h1><a href="http://www.haproxy.org/" title="HAProxy"><img src="../img/HAProxyCommunityEdition_60px.png?0.4.2-15" /></a></h1>
 							<h2>Management Guide</h2>
-							<p><strong>version 3.1.8-86</strong></p>
+							<p><strong>version 3.1.8-145</strong></p>
 							<p>
 								<br>
 								
@@ -2139,6 +2139,25 @@ <h2 id="chapter-9.1" data-target="9.1"><small><a class="small" href="#9.1">9.1.<
  97. used_conn_cur [...S]: current number of connections in use
  98. need_conn_est [...S]: estimated needed number of connections
  99. uweight [..BS]: total user weight (backend), server user weight (server)
+ 100. agg_server_status [..B.]: backend aggregated gauge of server's status
+ 101. agg_server_status_check [..B.]: (deprecated)
+ 102. agg_check_status [..B.]: backend aggregated gauge of server's state check
+      status
+ 103. srid [...S]: server id revision
+ 104. sess_other [.F..]: total number of sessions other than HTTP since process
+      started
+ 105. h1_sess [.F..]: total number of HTTP/1 sessions since process started
+ 106. h2_sess [.F..]: total number of HTTP/2 sessions since process started
+ 107. h3_sess [.F..]: total number of HTTP/3 sessions since process started
+ 108. req_other [.F..]: total number of sessions other than HTTP processed by
+      this object since the worker process started
+ 109. h1req [.F..]: total number of HTTP/1 sessions processed by this object
+      since the worker process started
+ 110. h2req [.F..]: total number of hTTP/2 sessions processed by this object
+      since the worker process started
+ 111. h3req [.F..]: total number of HTTP/3 sessions processed by this object
+      since the worker process started
+ 112. proto [L...]: protocol
 
 For all other statistics domains, the presence or the order of the fields are
 not guaranteed. In this case, the header line should always be used to parse
@@ -4836,6 +4855,11 @@ <h3 id="chapter-9.4.1" data-target="9.4.1"><small><a class="small" href="#9.4.1"
   point and a PID. (e.g. @1 or @!1271). A @ alone could be use to specify the
   master. Leaving processes are only accessible with the PID as relative process
   number are only usable with the current processes.
+
+  Bugs: the sockpair@ protocol used to implement communication between the
+  master and the worker is known to not be reliable on macOS because of an
+  issue in the macOS sendmsg(2) implementation. A command might end up without
+  response because of that.
 </pre><div class="separator">
 <span class="label label-success">Examples:</span>
 <pre class="prettyprint">
@@ -5411,7 +5435,7 @@ <h2 id="chapter-13.1" data-target="13.1"><small><a class="small" href="#13.1">13
 						<br>
 						<hr>
 						<div class="text-right">
-							HAProxy 3.1.8-86 &ndash; Management Guide<br>
+							HAProxy 3.1.8-145 &ndash; Management Guide<br>
 							<small>, </small>
 						</div>
 					</div>
