HAProxy Data Plane API 3.0 is now available! The latest version is hosted on our GitHub releases page. This release follows the recent HAProxy 3.0 release and incorporates its changes, along with some improvements and changes specific to the API. HAProxy Data Plane 3.0 adds multiple breaking changes. We'll cover the impacts of these changes in detail to highlight how your implementation and usage of Data Plane API may be affected.

Most load balancers only check a client certificate when the client first connects. However, this can be problematic if a client stays connected for an extended period of time. Staying connected would allow clients to continually send and receive data. Imagine you have an employee whose certificate and key were stolen by an adversary. If you are using TLS client authentication, that adversary can connect to your infrastructure and maintain illegal access.