Google Git
Sign in
nginx / nginx / 79be6a5462498af8655aaed141f13a1d2a34abc8
commit79be6a5462498af8655aaed141f13a1d2a34abc8[log] [tgz]
authorPiotr Sikora <piotr@cloudflare.com>Fri Oct 11 16:05:24 2013 -0700
committerPiotr Sikora <piotr@cloudflare.com>Fri Oct 11 16:05:24 2013 -0700
tree52b4c69bed7f44caba6b83c6282f8a85230b3e87
parenta8ad0c02cc19f9684a357aace70a5fbbf9106fc1 [diff]
SSL: added ability to set keys used for Session Tickets (RFC5077).

In order to support key rollover, ssl_session_ticket_key can be defined
multiple times. The first key will be used to issue and resume Session
Tickets, while the rest will be used only to resume them.

    ssl_session_ticket_key  session_tickets/current.key;
    ssl_session_ticket_key  session_tickets/prev-1h.key;
    ssl_session_ticket_key  session_tickets/prev-2h.key;

Please note that nginx supports Session Tickets even without explicit
configuration of the keys and this feature should be only used in setups
where SSL traffic is distributed across multiple nginx servers.

Signed-off-by: Piotr Sikora <piotr@cloudflare.com>
6 files changed
tree: 52b4c69bed7f44caba6b83c6282f8a85230b3e87
  1. auto/
  2. conf/
  3. contrib/
  4. docs/
  5. misc/
  6. src/
  7. .hgtags