nginx-site: xml/ru/docs/stream/ngx_stream_ssl

annotate xml/ru/docs/stream/ngx_stream_ssl_module.xml @ 2296:e2e71f9477a8

Added note about ssl_dhparam defaults.

author	Sergey Kandaurov <pluknet@nginx.com>
date	Fri, 30 Nov 2018 18:28:54 +0300
parents	3d9e7993c201
children	dbe55598d3f6

rev	line source
1450 f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1 <?xml version="1.0"?>
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	2
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	3 <!--
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	4 Copyright (C) Nginx, Inc.
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	5 -->
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	6
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	7 <!DOCTYPE module SYSTEM "../../../../dtd/module.dtd">
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	8
1520 ed36e909bc79 Translated stream_ssl_module into Russian. Yaroslav Zhuravlev <yar@nginx.com> parents: 1499 diff changeset	9 <module name="Модуль ngx_stream_ssl_module"
ed36e909bc79 Translated stream_ssl_module into Russian. Yaroslav Zhuravlev <yar@nginx.com> parents: 1499 diff changeset	10 link="/ru/docs/stream/ngx_stream_ssl_module.html"
ed36e909bc79 Translated stream_ssl_module into Russian. Yaroslav Zhuravlev <yar@nginx.com> parents: 1499 diff changeset	11 lang="ru"
2296 e2e71f9477a8 Added note about ssl_dhparam defaults. Sergey Kandaurov <pluknet@nginx.com> parents: 2068 diff changeset	12 rev="19">
1450 f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	13
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	14 <section id="summary">
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	15
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	16 <para>
1520 ed36e909bc79 Translated stream_ssl_module into Russian. Yaroslav Zhuravlev <yar@nginx.com> parents: 1499 diff changeset	17 Модуль <literal>ngx_stream_ssl_module</literal> (1.9.0)
ed36e909bc79 Translated stream_ssl_module into Russian. Yaroslav Zhuravlev <yar@nginx.com> parents: 1499 diff changeset	18 обеспечивает необходимую поддержку для работы
ed36e909bc79 Translated stream_ssl_module into Russian. Yaroslav Zhuravlev <yar@nginx.com> parents: 1499 diff changeset	19 прокси-сервера по протоколу SSL/TLS.
ed36e909bc79 Translated stream_ssl_module into Russian. Yaroslav Zhuravlev <yar@nginx.com> parents: 1499 diff changeset	20 По умолчанию этот модуль не собирается, его сборку необходимо
ed36e909bc79 Translated stream_ssl_module into Russian. Yaroslav Zhuravlev <yar@nginx.com> parents: 1499 diff changeset	21 разрешить с помощью конфигурационного параметра
ed36e909bc79 Translated stream_ssl_module into Russian. Yaroslav Zhuravlev <yar@nginx.com> parents: 1499 diff changeset	22 <literal>--with-stream_ssl_module</literal>.
1450 f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	23 </para>
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	24
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	25 </section>
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	26
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	27
1521 e3d3e2ed4275 Added example configuration to mail and stream ssl modules. Yaroslav Zhuravlev <yar@nginx.com> parents: 1520 diff changeset	28 <section id="example" name="Пример конфигурации">
e3d3e2ed4275 Added example configuration to mail and stream ssl modules. Yaroslav Zhuravlev <yar@nginx.com> parents: 1520 diff changeset	29
e3d3e2ed4275 Added example configuration to mail and stream ssl modules. Yaroslav Zhuravlev <yar@nginx.com> parents: 1520 diff changeset	30 <para>
e3d3e2ed4275 Added example configuration to mail and stream ssl modules. Yaroslav Zhuravlev <yar@nginx.com> parents: 1520 diff changeset	31 Для уменьшения загрузки процессора рекомендуется
e3d3e2ed4275 Added example configuration to mail and stream ssl modules. Yaroslav Zhuravlev <yar@nginx.com> parents: 1520 diff changeset	32 <list type="bullet">
e3d3e2ed4275 Added example configuration to mail and stream ssl modules. Yaroslav Zhuravlev <yar@nginx.com> parents: 1520 diff changeset	33
e3d3e2ed4275 Added example configuration to mail and stream ssl modules. Yaroslav Zhuravlev <yar@nginx.com> parents: 1520 diff changeset	34 <listitem>
2068 3d9e7993c201 Added links to directives in the example of ssl modules. Yaroslav Zhuravlev <yar@nginx.com> parents: 1978 diff changeset	35 установить число
3d9e7993c201 Added links to directives in the example of ssl modules. Yaroslav Zhuravlev <yar@nginx.com> parents: 1978 diff changeset	36 <link doc="../ngx_core_module.xml" id="worker_processes">рабочих процессов</link>
3d9e7993c201 Added links to directives in the example of ssl modules. Yaroslav Zhuravlev <yar@nginx.com> parents: 1978 diff changeset	37 равным числу процессоров,
1521 e3d3e2ed4275 Added example configuration to mail and stream ssl modules. Yaroslav Zhuravlev <yar@nginx.com> parents: 1520 diff changeset	38 </listitem>
e3d3e2ed4275 Added example configuration to mail and stream ssl modules. Yaroslav Zhuravlev <yar@nginx.com> parents: 1520 diff changeset	39
e3d3e2ed4275 Added example configuration to mail and stream ssl modules. Yaroslav Zhuravlev <yar@nginx.com> parents: 1520 diff changeset	40 <listitem>
2068 3d9e7993c201 Added links to directives in the example of ssl modules. Yaroslav Zhuravlev <yar@nginx.com> parents: 1978 diff changeset	41 включить <link id="ssl_session_cache_shared">разделяемый</link> кэш сессий,
1521 e3d3e2ed4275 Added example configuration to mail and stream ssl modules. Yaroslav Zhuravlev <yar@nginx.com> parents: 1520 diff changeset	42 </listitem>
e3d3e2ed4275 Added example configuration to mail and stream ssl modules. Yaroslav Zhuravlev <yar@nginx.com> parents: 1520 diff changeset	43
e3d3e2ed4275 Added example configuration to mail and stream ssl modules. Yaroslav Zhuravlev <yar@nginx.com> parents: 1520 diff changeset	44 <listitem>
2068 3d9e7993c201 Added links to directives in the example of ssl modules. Yaroslav Zhuravlev <yar@nginx.com> parents: 1978 diff changeset	45 выключить <link id="ssl_session_cache_builtin">встроенный</link> кэш сессий
1521 e3d3e2ed4275 Added example configuration to mail and stream ssl modules. Yaroslav Zhuravlev <yar@nginx.com> parents: 1520 diff changeset	46 </listitem>
e3d3e2ed4275 Added example configuration to mail and stream ssl modules. Yaroslav Zhuravlev <yar@nginx.com> parents: 1520 diff changeset	47
e3d3e2ed4275 Added example configuration to mail and stream ssl modules. Yaroslav Zhuravlev <yar@nginx.com> parents: 1520 diff changeset	48 <listitem>
2068 3d9e7993c201 Added links to directives in the example of ssl modules. Yaroslav Zhuravlev <yar@nginx.com> parents: 1978 diff changeset	49 и, возможно, увеличить <link id="ssl_session_timeout">время жизни</link> сессии
3d9e7993c201 Added links to directives in the example of ssl modules. Yaroslav Zhuravlev <yar@nginx.com> parents: 1978 diff changeset	50 (по умолчанию 5 минут):
1521 e3d3e2ed4275 Added example configuration to mail and stream ssl modules. Yaroslav Zhuravlev <yar@nginx.com> parents: 1520 diff changeset	51 </listitem>
e3d3e2ed4275 Added example configuration to mail and stream ssl modules. Yaroslav Zhuravlev <yar@nginx.com> parents: 1520 diff changeset	52
e3d3e2ed4275 Added example configuration to mail and stream ssl modules. Yaroslav Zhuravlev <yar@nginx.com> parents: 1520 diff changeset	53 </list>
e3d3e2ed4275 Added example configuration to mail and stream ssl modules. Yaroslav Zhuravlev <yar@nginx.com> parents: 1520 diff changeset	54
e3d3e2ed4275 Added example configuration to mail and stream ssl modules. Yaroslav Zhuravlev <yar@nginx.com> parents: 1520 diff changeset	55 <example>
e3d3e2ed4275 Added example configuration to mail and stream ssl modules. Yaroslav Zhuravlev <yar@nginx.com> parents: 1520 diff changeset	56 <emphasis>worker_processes auto;</emphasis>
e3d3e2ed4275 Added example configuration to mail and stream ssl modules. Yaroslav Zhuravlev <yar@nginx.com> parents: 1520 diff changeset	57
e3d3e2ed4275 Added example configuration to mail and stream ssl modules. Yaroslav Zhuravlev <yar@nginx.com> parents: 1520 diff changeset	58 stream {
e3d3e2ed4275 Added example configuration to mail and stream ssl modules. Yaroslav Zhuravlev <yar@nginx.com> parents: 1520 diff changeset	59
e3d3e2ed4275 Added example configuration to mail and stream ssl modules. Yaroslav Zhuravlev <yar@nginx.com> parents: 1520 diff changeset	60 ...
e3d3e2ed4275 Added example configuration to mail and stream ssl modules. Yaroslav Zhuravlev <yar@nginx.com> parents: 1520 diff changeset	61
e3d3e2ed4275 Added example configuration to mail and stream ssl modules. Yaroslav Zhuravlev <yar@nginx.com> parents: 1520 diff changeset	62 server {
e3d3e2ed4275 Added example configuration to mail and stream ssl modules. Yaroslav Zhuravlev <yar@nginx.com> parents: 1520 diff changeset	63 listen 12345 ssl;
e3d3e2ed4275 Added example configuration to mail and stream ssl modules. Yaroslav Zhuravlev <yar@nginx.com> parents: 1520 diff changeset	64
e3d3e2ed4275 Added example configuration to mail and stream ssl modules. Yaroslav Zhuravlev <yar@nginx.com> parents: 1520 diff changeset	65 ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
e3d3e2ed4275 Added example configuration to mail and stream ssl modules. Yaroslav Zhuravlev <yar@nginx.com> parents: 1520 diff changeset	66 ssl_ciphers AES128-SHA:AES256-SHA:RC4-SHA:DES-CBC3-SHA:RC4-MD5;
e3d3e2ed4275 Added example configuration to mail and stream ssl modules. Yaroslav Zhuravlev <yar@nginx.com> parents: 1520 diff changeset	67 ssl_certificate /usr/local/nginx/conf/cert.pem;
e3d3e2ed4275 Added example configuration to mail and stream ssl modules. Yaroslav Zhuravlev <yar@nginx.com> parents: 1520 diff changeset	68 ssl_certificate_key /usr/local/nginx/conf/cert.key;
e3d3e2ed4275 Added example configuration to mail and stream ssl modules. Yaroslav Zhuravlev <yar@nginx.com> parents: 1520 diff changeset	69 <emphasis>ssl_session_cache shared:SSL:10m;</emphasis>
e3d3e2ed4275 Added example configuration to mail and stream ssl modules. Yaroslav Zhuravlev <yar@nginx.com> parents: 1520 diff changeset	70 <emphasis>ssl_session_timeout 10m;</emphasis>
e3d3e2ed4275 Added example configuration to mail and stream ssl modules. Yaroslav Zhuravlev <yar@nginx.com> parents: 1520 diff changeset	71
e3d3e2ed4275 Added example configuration to mail and stream ssl modules. Yaroslav Zhuravlev <yar@nginx.com> parents: 1520 diff changeset	72 ...
e3d3e2ed4275 Added example configuration to mail and stream ssl modules. Yaroslav Zhuravlev <yar@nginx.com> parents: 1520 diff changeset	73 }
e3d3e2ed4275 Added example configuration to mail and stream ssl modules. Yaroslav Zhuravlev <yar@nginx.com> parents: 1520 diff changeset	74 </example>
e3d3e2ed4275 Added example configuration to mail and stream ssl modules. Yaroslav Zhuravlev <yar@nginx.com> parents: 1520 diff changeset	75 </para>
e3d3e2ed4275 Added example configuration to mail and stream ssl modules. Yaroslav Zhuravlev <yar@nginx.com> parents: 1520 diff changeset	76
e3d3e2ed4275 Added example configuration to mail and stream ssl modules. Yaroslav Zhuravlev <yar@nginx.com> parents: 1520 diff changeset	77 </section>
e3d3e2ed4275 Added example configuration to mail and stream ssl modules. Yaroslav Zhuravlev <yar@nginx.com> parents: 1520 diff changeset	78
e3d3e2ed4275 Added example configuration to mail and stream ssl modules. Yaroslav Zhuravlev <yar@nginx.com> parents: 1520 diff changeset	79
1520 ed36e909bc79 Translated stream_ssl_module into Russian. Yaroslav Zhuravlev <yar@nginx.com> parents: 1499 diff changeset	80 <section id="directives" name="Директивы">
1450 f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	81
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	82 <directive name="ssl_certificate">
1520 ed36e909bc79 Translated stream_ssl_module into Russian. Yaroslav Zhuravlev <yar@nginx.com> parents: 1499 diff changeset	83 <syntax><value>файл</value></syntax>
1450 f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	84 <default/>
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	85 <context>stream</context>
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	86 <context>server</context>
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	87
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	88 <para>
1520 ed36e909bc79 Translated stream_ssl_module into Russian. Yaroslav Zhuravlev <yar@nginx.com> parents: 1499 diff changeset	89 Указывает <value>файл</value> с сертификатом в формате PEM
ed36e909bc79 Translated stream_ssl_module into Russian. Yaroslav Zhuravlev <yar@nginx.com> parents: 1499 diff changeset	90 для данного сервера.
ed36e909bc79 Translated stream_ssl_module into Russian. Yaroslav Zhuravlev <yar@nginx.com> parents: 1499 diff changeset	91 Если вместе с основным сертификатом нужно указать промежуточные,
ed36e909bc79 Translated stream_ssl_module into Russian. Yaroslav Zhuravlev <yar@nginx.com> parents: 1499 diff changeset	92 то они должны находиться в этом же файле в следующем порядке — сначала
ed36e909bc79 Translated stream_ssl_module into Russian. Yaroslav Zhuravlev <yar@nginx.com> parents: 1499 diff changeset	93 основной сертификат, а затем промежуточные.
ed36e909bc79 Translated stream_ssl_module into Russian. Yaroslav Zhuravlev <yar@nginx.com> parents: 1499 diff changeset	94 В этом же файле может находиться секретный ключ в формате PEM.
1450 f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	95 </para>
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	96
1726 a0bc284941f6 Documented multiple certificates support. Maxim Dounin <mdounin@mdounin.ru> parents: 1711 diff changeset	97 <para>
a0bc284941f6 Documented multiple certificates support. Maxim Dounin <mdounin@mdounin.ru> parents: 1711 diff changeset	98 Начиная с версии 1.11.0
a0bc284941f6 Documented multiple certificates support. Maxim Dounin <mdounin@mdounin.ru> parents: 1711 diff changeset	99 эта директива может быть указана несколько раз
a0bc284941f6 Documented multiple certificates support. Maxim Dounin <mdounin@mdounin.ru> parents: 1711 diff changeset	100 для загрузки сертификатов разных типов, например RSA и ECDSA:
a0bc284941f6 Documented multiple certificates support. Maxim Dounin <mdounin@mdounin.ru> parents: 1711 diff changeset	101 <example>
a0bc284941f6 Documented multiple certificates support. Maxim Dounin <mdounin@mdounin.ru> parents: 1711 diff changeset	102 server {
a0bc284941f6 Documented multiple certificates support. Maxim Dounin <mdounin@mdounin.ru> parents: 1711 diff changeset	103 listen 12345 ssl;
a0bc284941f6 Documented multiple certificates support. Maxim Dounin <mdounin@mdounin.ru> parents: 1711 diff changeset	104
a0bc284941f6 Documented multiple certificates support. Maxim Dounin <mdounin@mdounin.ru> parents: 1711 diff changeset	105 ssl_certificate example.com.rsa.crt;
a0bc284941f6 Documented multiple certificates support. Maxim Dounin <mdounin@mdounin.ru> parents: 1711 diff changeset	106 ssl_certificate_key example.com.rsa.key;
a0bc284941f6 Documented multiple certificates support. Maxim Dounin <mdounin@mdounin.ru> parents: 1711 diff changeset	107
a0bc284941f6 Documented multiple certificates support. Maxim Dounin <mdounin@mdounin.ru> parents: 1711 diff changeset	108 ssl_certificate example.com.ecdsa.crt;
a0bc284941f6 Documented multiple certificates support. Maxim Dounin <mdounin@mdounin.ru> parents: 1711 diff changeset	109 ssl_certificate_key example.com.ecdsa.key;
a0bc284941f6 Documented multiple certificates support. Maxim Dounin <mdounin@mdounin.ru> parents: 1711 diff changeset	110
a0bc284941f6 Documented multiple certificates support. Maxim Dounin <mdounin@mdounin.ru> parents: 1711 diff changeset	111 ...
a0bc284941f6 Documented multiple certificates support. Maxim Dounin <mdounin@mdounin.ru> parents: 1711 diff changeset	112 }
a0bc284941f6 Documented multiple certificates support. Maxim Dounin <mdounin@mdounin.ru> parents: 1711 diff changeset	113 </example>
a0bc284941f6 Documented multiple certificates support. Maxim Dounin <mdounin@mdounin.ru> parents: 1711 diff changeset	114 <note>
a0bc284941f6 Documented multiple certificates support. Maxim Dounin <mdounin@mdounin.ru> parents: 1711 diff changeset	115 Возможность задавать отдельные цепочки сертификатов для разных сертификатов
a0bc284941f6 Documented multiple certificates support. Maxim Dounin <mdounin@mdounin.ru> parents: 1711 diff changeset	116 есть только в OpenSSL 1.0.2 и выше.
a0bc284941f6 Documented multiple certificates support. Maxim Dounin <mdounin@mdounin.ru> parents: 1711 diff changeset	117 Для более старых версий следует указывать только одну цепочку сертификатов.
a0bc284941f6 Documented multiple certificates support. Maxim Dounin <mdounin@mdounin.ru> parents: 1711 diff changeset	118 </note>
a0bc284941f6 Documented multiple certificates support. Maxim Dounin <mdounin@mdounin.ru> parents: 1711 diff changeset	119 </para>
a0bc284941f6 Documented multiple certificates support. Maxim Dounin <mdounin@mdounin.ru> parents: 1711 diff changeset	120
1450 f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	121 </directive>
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	122
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	123
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	124 <directive name="ssl_certificate_key">
1520 ed36e909bc79 Translated stream_ssl_module into Russian. Yaroslav Zhuravlev <yar@nginx.com> parents: 1499 diff changeset	125 <syntax><value>файл</value></syntax>
1450 f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	126 <default/>
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	127 <context>stream</context>
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	128 <context>server</context>
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	129
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	130 <para>
1520 ed36e909bc79 Translated stream_ssl_module into Russian. Yaroslav Zhuravlev <yar@nginx.com> parents: 1499 diff changeset	131 Указывает <value>файл</value> с секретным ключом в формате PEM
ed36e909bc79 Translated stream_ssl_module into Russian. Yaroslav Zhuravlev <yar@nginx.com> parents: 1499 diff changeset	132 для данного сервера.
1456 acba294382d6 Documented engine support in ssl_certificate_key and friends. Yaroslav Zhuravlev <yar@nginx.com> parents: 1450 diff changeset	133 </para>
acba294382d6 Documented engine support in ssl_certificate_key and friends. Yaroslav Zhuravlev <yar@nginx.com> parents: 1450 diff changeset	134
acba294382d6 Documented engine support in ssl_certificate_key and friends. Yaroslav Zhuravlev <yar@nginx.com> parents: 1450 diff changeset	135 <para>
1520 ed36e909bc79 Translated stream_ssl_module into Russian. Yaroslav Zhuravlev <yar@nginx.com> parents: 1499 diff changeset	136 Вместо <value>файла</value> можно указать значение
ed36e909bc79 Translated stream_ssl_module into Russian. Yaroslav Zhuravlev <yar@nginx.com> parents: 1499 diff changeset	137 <literal>engine</literal>:<value>имя</value>:<value>id</value>,
ed36e909bc79 Translated stream_ssl_module into Russian. Yaroslav Zhuravlev <yar@nginx.com> parents: 1499 diff changeset	138 которое загружает ключ с указанным <value>id</value>
ed36e909bc79 Translated stream_ssl_module into Russian. Yaroslav Zhuravlev <yar@nginx.com> parents: 1499 diff changeset	139 из OpenSSL engine с заданным <value>именем</value>.
1450 f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	140 </para>
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	141
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	142 </directive>
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	143
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	144
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	145 <directive name="ssl_ciphers">
1520 ed36e909bc79 Translated stream_ssl_module into Russian. Yaroslav Zhuravlev <yar@nginx.com> parents: 1499 diff changeset	146 <syntax><value>шифры</value></syntax>
1450 f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	147 <default>HIGH:!aNULL:!MD5</default>
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	148 <context>stream</context>
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	149 <context>server</context>
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	150
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	151 <para>
1520 ed36e909bc79 Translated stream_ssl_module into Russian. Yaroslav Zhuravlev <yar@nginx.com> parents: 1499 diff changeset	152 Описывает разрешённые шифры.
ed36e909bc79 Translated stream_ssl_module into Russian. Yaroslav Zhuravlev <yar@nginx.com> parents: 1499 diff changeset	153 Шифры задаются в формате, поддерживаемом библиотекой
ed36e909bc79 Translated stream_ssl_module into Russian. Yaroslav Zhuravlev <yar@nginx.com> parents: 1499 diff changeset	154 OpenSSL, например:
1450 f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	155 <example>
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	156 ssl_ciphers ALL:!aNULL:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	157 </example>
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	158 </para>
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	159
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	160 <para>
1520 ed36e909bc79 Translated stream_ssl_module into Russian. Yaroslav Zhuravlev <yar@nginx.com> parents: 1499 diff changeset	161 Полный список можно посмотреть с помощью команды
ed36e909bc79 Translated stream_ssl_module into Russian. Yaroslav Zhuravlev <yar@nginx.com> parents: 1499 diff changeset	162 “<command>openssl ciphers</command>”.
1450 f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	163 </para>
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	164
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	165 </directive>
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	166
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	167
1869 e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	168 <directive name="ssl_client_certificate">
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	169 <syntax><value>файл</value></syntax>
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	170 <default/>
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	171 <context>stream</context>
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	172 <context>server</context>
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	173 <appeared-in>1.11.8</appeared-in>
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	174
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	175 <para>
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	176 Указывает <value>файл</value> с доверенными сертификатами CA в формате
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	177 PEM, которые используются для
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	178 <link id="ssl_verify_client">проверки</link> клиентских сертификатов.
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	179 </para>
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	180
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	181 <para>
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	182 Список сертификатов будет отправляться клиентам.
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	183 Если это нежелательно, можно воспользоваться директивой
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	184 <link id="ssl_trusted_certificate"/>.
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	185 </para>
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	186
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	187 </directive>
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	188
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	189
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	190 <directive name="ssl_crl">
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	191 <syntax><value>файл</value></syntax>
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	192 <default/>
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	193 <context>stream</context>
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	194 <context>server</context>
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	195 <appeared-in>1.11.8</appeared-in>
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	196
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	197 <para>
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	198 Указывает <value>файл</value> с отозванными сертификатами (CRL)
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	199 в формате PEM, используемыми для
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	200 <link id="ssl_verify_client">проверки</link> клиентских сертификатов.
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	201 </para>
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	202
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	203 </directive>
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	204
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	205
1450 f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	206 <directive name="ssl_dhparam">
1520 ed36e909bc79 Translated stream_ssl_module into Russian. Yaroslav Zhuravlev <yar@nginx.com> parents: 1499 diff changeset	207 <syntax><value>файл</value></syntax>
1450 f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	208 <default/>
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	209 <context>stream</context>
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	210 <context>server</context>
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	211
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	212 <para>
1706 6f5497797cde Changed "EDH ciphers" to "DHE ciphers". Maxim Dounin <mdounin@mdounin.ru> parents: 1521 diff changeset	213 Указывает <value>файл</value> с параметрами для DHE-шифров.
1450 f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	214 </para>
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	215
2296 e2e71f9477a8 Added note about ssl_dhparam defaults. Sergey Kandaurov <pluknet@nginx.com> parents: 2068 diff changeset	216 <para>
e2e71f9477a8 Added note about ssl_dhparam defaults. Sergey Kandaurov <pluknet@nginx.com> parents: 2068 diff changeset	217 По умолчанию параметры не заданы,
e2e71f9477a8 Added note about ssl_dhparam defaults. Sergey Kandaurov <pluknet@nginx.com> parents: 2068 diff changeset	218 и соответственно DHE-шифры не будут использоваться.
e2e71f9477a8 Added note about ssl_dhparam defaults. Sergey Kandaurov <pluknet@nginx.com> parents: 2068 diff changeset	219 <note>
e2e71f9477a8 Added note about ssl_dhparam defaults. Sergey Kandaurov <pluknet@nginx.com> parents: 2068 diff changeset	220 До версии 1.11.0 по умолчанию использовались встроенные параметры.
e2e71f9477a8 Added note about ssl_dhparam defaults. Sergey Kandaurov <pluknet@nginx.com> parents: 2068 diff changeset	221 </note>
e2e71f9477a8 Added note about ssl_dhparam defaults. Sergey Kandaurov <pluknet@nginx.com> parents: 2068 diff changeset	222 </para>
e2e71f9477a8 Added note about ssl_dhparam defaults. Sergey Kandaurov <pluknet@nginx.com> parents: 2068 diff changeset	223
1450 f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	224 </directive>
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	225
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	226
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	227 <directive name="ssl_ecdh_curve">
1520 ed36e909bc79 Translated stream_ssl_module into Russian. Yaroslav Zhuravlev <yar@nginx.com> parents: 1499 diff changeset	228 <syntax><value>кривая</value></syntax>
1711 38fb3e6b71e8 Documented ssl_ecdh_curve changes in 1.11.0. Maxim Dounin <mdounin@mdounin.ru> parents: 1706 diff changeset	229 <default>auto</default>
1450 f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	230 <context>stream</context>
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	231 <context>server</context>
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	232
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	233 <para>
1520 ed36e909bc79 Translated stream_ssl_module into Russian. Yaroslav Zhuravlev <yar@nginx.com> parents: 1499 diff changeset	234 Задаёт <value>кривую</value> для ECDHE-шифров.
1450 f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	235 </para>
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	236
1711 38fb3e6b71e8 Documented ssl_ecdh_curve changes in 1.11.0. Maxim Dounin <mdounin@mdounin.ru> parents: 1706 diff changeset	237 <para>
38fb3e6b71e8 Documented ssl_ecdh_curve changes in 1.11.0. Maxim Dounin <mdounin@mdounin.ru> parents: 1706 diff changeset	238 При использовании OpenSSL 1.0.2 и выше
38fb3e6b71e8 Documented ssl_ecdh_curve changes in 1.11.0. Maxim Dounin <mdounin@mdounin.ru> parents: 1706 diff changeset	239 можно указывать несколько кривых (1.11.0), например:
38fb3e6b71e8 Documented ssl_ecdh_curve changes in 1.11.0. Maxim Dounin <mdounin@mdounin.ru> parents: 1706 diff changeset	240 <example>
38fb3e6b71e8 Documented ssl_ecdh_curve changes in 1.11.0. Maxim Dounin <mdounin@mdounin.ru> parents: 1706 diff changeset	241 ssl_ecdh_curve prime256v1:secp384r1;
38fb3e6b71e8 Documented ssl_ecdh_curve changes in 1.11.0. Maxim Dounin <mdounin@mdounin.ru> parents: 1706 diff changeset	242 </example>
38fb3e6b71e8 Documented ssl_ecdh_curve changes in 1.11.0. Maxim Dounin <mdounin@mdounin.ru> parents: 1706 diff changeset	243 </para>
38fb3e6b71e8 Documented ssl_ecdh_curve changes in 1.11.0. Maxim Dounin <mdounin@mdounin.ru> parents: 1706 diff changeset	244
38fb3e6b71e8 Documented ssl_ecdh_curve changes in 1.11.0. Maxim Dounin <mdounin@mdounin.ru> parents: 1706 diff changeset	245 <para>
38fb3e6b71e8 Documented ssl_ecdh_curve changes in 1.11.0. Maxim Dounin <mdounin@mdounin.ru> parents: 1706 diff changeset	246 Специальное значение <literal>auto</literal> (1.11.0) соответствует
38fb3e6b71e8 Documented ssl_ecdh_curve changes in 1.11.0. Maxim Dounin <mdounin@mdounin.ru> parents: 1706 diff changeset	247 встроенному в библиотеку OpenSSL списку кривых для OpenSSL 1.0.2 и выше,
38fb3e6b71e8 Documented ssl_ecdh_curve changes in 1.11.0. Maxim Dounin <mdounin@mdounin.ru> parents: 1706 diff changeset	248 или <literal>prime256v1</literal> для более старых версий.
38fb3e6b71e8 Documented ssl_ecdh_curve changes in 1.11.0. Maxim Dounin <mdounin@mdounin.ru> parents: 1706 diff changeset	249 </para>
38fb3e6b71e8 Documented ssl_ecdh_curve changes in 1.11.0. Maxim Dounin <mdounin@mdounin.ru> parents: 1706 diff changeset	250
38fb3e6b71e8 Documented ssl_ecdh_curve changes in 1.11.0. Maxim Dounin <mdounin@mdounin.ru> parents: 1706 diff changeset	251 <para>
38fb3e6b71e8 Documented ssl_ecdh_curve changes in 1.11.0. Maxim Dounin <mdounin@mdounin.ru> parents: 1706 diff changeset	252 <note>
38fb3e6b71e8 Documented ssl_ecdh_curve changes in 1.11.0. Maxim Dounin <mdounin@mdounin.ru> parents: 1706 diff changeset	253 До версии 1.11.0
38fb3e6b71e8 Documented ssl_ecdh_curve changes in 1.11.0. Maxim Dounin <mdounin@mdounin.ru> parents: 1706 diff changeset	254 по умолчанию использовалась кривая <literal>prime256v1</literal>.
38fb3e6b71e8 Documented ssl_ecdh_curve changes in 1.11.0. Maxim Dounin <mdounin@mdounin.ru> parents: 1706 diff changeset	255 </note>
38fb3e6b71e8 Documented ssl_ecdh_curve changes in 1.11.0. Maxim Dounin <mdounin@mdounin.ru> parents: 1706 diff changeset	256 </para>
38fb3e6b71e8 Documented ssl_ecdh_curve changes in 1.11.0. Maxim Dounin <mdounin@mdounin.ru> parents: 1706 diff changeset	257
1450 f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	258 </directive>
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	259
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	260
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	261 <directive name="ssl_handshake_timeout">
1520 ed36e909bc79 Translated stream_ssl_module into Russian. Yaroslav Zhuravlev <yar@nginx.com> parents: 1499 diff changeset	262 <syntax><value>время</value></syntax>
1450 f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	263 <default>60s</default>
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	264 <context>stream</context>
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	265 <context>server</context>
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	266
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	267 <para>
1520 ed36e909bc79 Translated stream_ssl_module into Russian. Yaroslav Zhuravlev <yar@nginx.com> parents: 1499 diff changeset	268 Задаёт таймаут для завершения операции SSL handshake.
1450 f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	269 </para>
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	270
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	271 </directive>
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	272
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	273
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	274 <directive name="ssl_password_file">
1520 ed36e909bc79 Translated stream_ssl_module into Russian. Yaroslav Zhuravlev <yar@nginx.com> parents: 1499 diff changeset	275 <syntax><value>файл</value></syntax>
1450 f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	276 <default/>
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	277 <context>stream</context>
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	278 <context>server</context>
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	279
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	280 <para>
1520 ed36e909bc79 Translated stream_ssl_module into Russian. Yaroslav Zhuravlev <yar@nginx.com> parents: 1499 diff changeset	281 Задаёт <value>файл</value> с паролями от
ed36e909bc79 Translated stream_ssl_module into Russian. Yaroslav Zhuravlev <yar@nginx.com> parents: 1499 diff changeset	282 <link id="ssl_certificate_key">секретных ключей</link>,
ed36e909bc79 Translated stream_ssl_module into Russian. Yaroslav Zhuravlev <yar@nginx.com> parents: 1499 diff changeset	283 где каждый пароль указан на отдельной строке.
ed36e909bc79 Translated stream_ssl_module into Russian. Yaroslav Zhuravlev <yar@nginx.com> parents: 1499 diff changeset	284 Пароли применяются по очереди в момент загрузки ключа.
1450 f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	285 </para>
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	286
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	287 <para>
1520 ed36e909bc79 Translated stream_ssl_module into Russian. Yaroslav Zhuravlev <yar@nginx.com> parents: 1499 diff changeset	288 Пример:
1450 f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	289 <example>
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	290 stream {
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	291 ssl_password_file /etc/keys/global.pass;
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	292 ...
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	293
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	294 server {
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	295 listen 127.0.0.1:12345;
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	296 ssl_certificate_key /etc/keys/first.key;
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	297 }
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	298
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	299 server {
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	300 listen 127.0.0.1:12346;
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	301
1520 ed36e909bc79 Translated stream_ssl_module into Russian. Yaroslav Zhuravlev <yar@nginx.com> parents: 1499 diff changeset	302 # вместо файла можно указать именованный канал
1450 f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	303 ssl_password_file /etc/keys/fifo;
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	304 ssl_certificate_key /etc/keys/second.key;
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	305 }
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	306 }
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	307 </example>
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	308 </para>
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	309
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	310 </directive>
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	311
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	312
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	313 <directive name="ssl_prefer_server_ciphers">
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	314 <syntax><literal>on</literal> \| <literal>off</literal></syntax>
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	315 <default>off</default>
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	316 <context>stream</context>
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	317 <context>server</context>
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	318
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	319 <para>
1520 ed36e909bc79 Translated stream_ssl_module into Russian. Yaroslav Zhuravlev <yar@nginx.com> parents: 1499 diff changeset	320 Указывает, чтобы при использовании протоколов SSLv3 и TLS
ed36e909bc79 Translated stream_ssl_module into Russian. Yaroslav Zhuravlev <yar@nginx.com> parents: 1499 diff changeset	321 серверные шифры были более приоритетны, чем клиентские.
1450 f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	322 </para>
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	323
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	324 </directive>
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	325
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	326
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	327 <directive name="ssl_protocols">
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	328 <syntax>
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	329 [<literal>SSLv2</literal>]
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	330 [<literal>SSLv3</literal>]
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	331 [<literal>TLSv1</literal>]
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	332 [<literal>TLSv1.1</literal>]
1978 8f1a568a8bbf Documented "TLSv1.3" parameter of the "ssl_protocols" directive. Sergey Kandaurov <pluknet@nginx.com> parents: 1923 diff changeset	333 [<literal>TLSv1.2</literal>]
8f1a568a8bbf Documented "TLSv1.3" parameter of the "ssl_protocols" directive. Sergey Kandaurov <pluknet@nginx.com> parents: 1923 diff changeset	334 [<literal>TLSv1.3</literal>]</syntax>
1499 3687cc9a3592 Removed SSLv3 from the default value of ssl_protocols and friends. Yaroslav Zhuravlev <yar@nginx.com> parents: 1462 diff changeset	335 <default>TLSv1 TLSv1.1 TLSv1.2</default>
1450 f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	336 <context>stream</context>
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	337 <context>server</context>
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	338
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	339 <para>
1520 ed36e909bc79 Translated stream_ssl_module into Russian. Yaroslav Zhuravlev <yar@nginx.com> parents: 1499 diff changeset	340 Разрешает указанные протоколы.
1978 8f1a568a8bbf Documented "TLSv1.3" parameter of the "ssl_protocols" directive. Sergey Kandaurov <pluknet@nginx.com> parents: 1923 diff changeset	341 <note>
8f1a568a8bbf Documented "TLSv1.3" parameter of the "ssl_protocols" directive. Sergey Kandaurov <pluknet@nginx.com> parents: 1923 diff changeset	342 Параметры <literal>TLSv1.1</literal> и <literal>TLSv1.2</literal>
8f1a568a8bbf Documented "TLSv1.3" parameter of the "ssl_protocols" directive. Sergey Kandaurov <pluknet@nginx.com> parents: 1923 diff changeset	343 работают только при использовании OpenSSL 1.0.1 и выше.
8f1a568a8bbf Documented "TLSv1.3" parameter of the "ssl_protocols" directive. Sergey Kandaurov <pluknet@nginx.com> parents: 1923 diff changeset	344 </note>
8f1a568a8bbf Documented "TLSv1.3" parameter of the "ssl_protocols" directive. Sergey Kandaurov <pluknet@nginx.com> parents: 1923 diff changeset	345 <note>
8f1a568a8bbf Documented "TLSv1.3" parameter of the "ssl_protocols" directive. Sergey Kandaurov <pluknet@nginx.com> parents: 1923 diff changeset	346 Параметр <literal>TLSv1.3</literal> (1.13.0) работает только
8f1a568a8bbf Documented "TLSv1.3" parameter of the "ssl_protocols" directive. Sergey Kandaurov <pluknet@nginx.com> parents: 1923 diff changeset	347 при использовании OpenSSL 1.1.1, собранной с поддержкой TLSv1.3.
8f1a568a8bbf Documented "TLSv1.3" parameter of the "ssl_protocols" directive. Sergey Kandaurov <pluknet@nginx.com> parents: 1923 diff changeset	348 </note>
1450 f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	349 </para>
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	350
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	351 </directive>
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	352
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	353
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	354 <directive name="ssl_session_cache">
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	355 <syntax>
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	356 <literal>off</literal> \|
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	357 <literal>none</literal> \|
1520 ed36e909bc79 Translated stream_ssl_module into Russian. Yaroslav Zhuravlev <yar@nginx.com> parents: 1499 diff changeset	358 [<literal>builtin</literal>[:<value>размер</value>]]
ed36e909bc79 Translated stream_ssl_module into Russian. Yaroslav Zhuravlev <yar@nginx.com> parents: 1499 diff changeset	359 [<literal>shared</literal>:<value>название</value>:<value>размер</value>]</syntax>
1450 f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	360 <default>none</default>
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	361 <context>stream</context>
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	362 <context>server</context>
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	363
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	364 <para>
1520 ed36e909bc79 Translated stream_ssl_module into Russian. Yaroslav Zhuravlev <yar@nginx.com> parents: 1499 diff changeset	365 Задаёт тип и размеры кэшей для хранения параметров сессий.
ed36e909bc79 Translated stream_ssl_module into Russian. Yaroslav Zhuravlev <yar@nginx.com> parents: 1499 diff changeset	366 Тип кэша может быть следующим:
1450 f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	367 <list type="tag">
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	368
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	369 <tag-name><literal>off</literal></tag-name>
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	370 <tag-desc>
1520 ed36e909bc79 Translated stream_ssl_module into Russian. Yaroslav Zhuravlev <yar@nginx.com> parents: 1499 diff changeset	371 жёсткое запрещение использования кэша сессий:
ed36e909bc79 Translated stream_ssl_module into Russian. Yaroslav Zhuravlev <yar@nginx.com> parents: 1499 diff changeset	372 nginx явно сообщает клиенту, что сессии не могут использоваться повторно.
1450 f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	373 </tag-desc>
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	374
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	375 <tag-name><literal>none</literal></tag-name>
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	376 <tag-desc>
1520 ed36e909bc79 Translated stream_ssl_module into Russian. Yaroslav Zhuravlev <yar@nginx.com> parents: 1499 diff changeset	377 мягкое запрещение использования кэша сессий:
ed36e909bc79 Translated stream_ssl_module into Russian. Yaroslav Zhuravlev <yar@nginx.com> parents: 1499 diff changeset	378 nginx сообщает клиенту, что сессии могут использоваться повторно, но
ed36e909bc79 Translated stream_ssl_module into Russian. Yaroslav Zhuravlev <yar@nginx.com> parents: 1499 diff changeset	379 на самом деле не хранит параметры сессии в кэше.
1450 f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	380 </tag-desc>
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	381
2068 3d9e7993c201 Added links to directives in the example of ssl modules. Yaroslav Zhuravlev <yar@nginx.com> parents: 1978 diff changeset	382 <tag-name id="ssl_session_cache_builtin"><literal>builtin</literal></tag-name>
1450 f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	383 <tag-desc>
1520 ed36e909bc79 Translated stream_ssl_module into Russian. Yaroslav Zhuravlev <yar@nginx.com> parents: 1499 diff changeset	384 встроенный в OpenSSL кэш, используется в рамках только одного рабочего процесса.
ed36e909bc79 Translated stream_ssl_module into Russian. Yaroslav Zhuravlev <yar@nginx.com> parents: 1499 diff changeset	385 Размер кэша задаётся в сессиях.
ed36e909bc79 Translated stream_ssl_module into Russian. Yaroslav Zhuravlev <yar@nginx.com> parents: 1499 diff changeset	386 Если размер не задан, то он равен 20480 сессиям.
ed36e909bc79 Translated stream_ssl_module into Russian. Yaroslav Zhuravlev <yar@nginx.com> parents: 1499 diff changeset	387 Использование встроенного кэша может вести к фрагментации памяти.
1450 f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	388 </tag-desc>
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	389
2068 3d9e7993c201 Added links to directives in the example of ssl modules. Yaroslav Zhuravlev <yar@nginx.com> parents: 1978 diff changeset	390 <tag-name id="ssl_session_cache_shared"><literal>shared</literal></tag-name>
1450 f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	391 <tag-desc>
1520 ed36e909bc79 Translated stream_ssl_module into Russian. Yaroslav Zhuravlev <yar@nginx.com> parents: 1499 diff changeset	392 кэш, разделяемый между всеми рабочими процессами.
ed36e909bc79 Translated stream_ssl_module into Russian. Yaroslav Zhuravlev <yar@nginx.com> parents: 1499 diff changeset	393 Размер кэша задаётся в байтах, в 1 мегабайт может поместиться
ed36e909bc79 Translated stream_ssl_module into Russian. Yaroslav Zhuravlev <yar@nginx.com> parents: 1499 diff changeset	394 около 4000 сессий.
ed36e909bc79 Translated stream_ssl_module into Russian. Yaroslav Zhuravlev <yar@nginx.com> parents: 1499 diff changeset	395 У каждого разделяемого кэша должно быть произвольное название.
ed36e909bc79 Translated stream_ssl_module into Russian. Yaroslav Zhuravlev <yar@nginx.com> parents: 1499 diff changeset	396 Кэш с одинаковым названием может использоваться в нескольких
ed36e909bc79 Translated stream_ssl_module into Russian. Yaroslav Zhuravlev <yar@nginx.com> parents: 1499 diff changeset	397 серверах.
1450 f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	398 </tag-desc>
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	399
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	400 </list>
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	401 </para>
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	402
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	403 <para>
1520 ed36e909bc79 Translated stream_ssl_module into Russian. Yaroslav Zhuravlev <yar@nginx.com> parents: 1499 diff changeset	404 Можно использовать одновременно оба типа кэша, например:
1450 f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	405 <example>
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	406 ssl_session_cache builtin:1000 shared:SSL:10m;
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	407 </example>
1520 ed36e909bc79 Translated stream_ssl_module into Russian. Yaroslav Zhuravlev <yar@nginx.com> parents: 1499 diff changeset	408 однако использование только разделяемого кэша без встроенного должно
ed36e909bc79 Translated stream_ssl_module into Russian. Yaroslav Zhuravlev <yar@nginx.com> parents: 1499 diff changeset	409 быть более эффективным.
1450 f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	410 </para>
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	411
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	412 </directive>
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	413
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	414
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	415 <directive name="ssl_session_ticket_key">
1520 ed36e909bc79 Translated stream_ssl_module into Russian. Yaroslav Zhuravlev <yar@nginx.com> parents: 1499 diff changeset	416 <syntax><value>файл</value></syntax>
1450 f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	417 <default/>
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	418 <context>stream</context>
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	419 <context>server</context>
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	420
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	421 <para>
1520 ed36e909bc79 Translated stream_ssl_module into Russian. Yaroslav Zhuravlev <yar@nginx.com> parents: 1499 diff changeset	422 Задаёт <value>файл</value> с секретным ключом, применяемым при шифровании и
ed36e909bc79 Translated stream_ssl_module into Russian. Yaroslav Zhuravlev <yar@nginx.com> parents: 1499 diff changeset	423 расшифровании TLS session tickets.
ed36e909bc79 Translated stream_ssl_module into Russian. Yaroslav Zhuravlev <yar@nginx.com> parents: 1499 diff changeset	424 Директива необходима, если один и тот же ключ нужно использовать
ed36e909bc79 Translated stream_ssl_module into Russian. Yaroslav Zhuravlev <yar@nginx.com> parents: 1499 diff changeset	425 на нескольких серверах.
ed36e909bc79 Translated stream_ssl_module into Russian. Yaroslav Zhuravlev <yar@nginx.com> parents: 1499 diff changeset	426 По умолчанию используется случайно сгенерированный ключ.
1450 f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	427 </para>
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	428
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	429 <para>
1520 ed36e909bc79 Translated stream_ssl_module into Russian. Yaroslav Zhuravlev <yar@nginx.com> parents: 1499 diff changeset	430 Если указано несколько ключей, то только первый ключ
ed36e909bc79 Translated stream_ssl_module into Russian. Yaroslav Zhuravlev <yar@nginx.com> parents: 1499 diff changeset	431 используется для шифрования TLS session tickets.
ed36e909bc79 Translated stream_ssl_module into Russian. Yaroslav Zhuravlev <yar@nginx.com> parents: 1499 diff changeset	432 Это позволяет настроить ротацию ключей, например:
1450 f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	433 <example>
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	434 ssl_session_ticket_key current.key;
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	435 ssl_session_ticket_key previous.key;
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	436 </example>
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	437 </para>
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	438
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	439 <para>
1877 aa29a64a5e9d Documented ssl_session_ticket_key 80-byte keys. Maxim Dounin <mdounin@mdounin.ru> parents: 1876 diff changeset	440 <value>Файл</value> должен содержать 80 или 48 байт случайных данных
aa29a64a5e9d Documented ssl_session_ticket_key 80-byte keys. Maxim Dounin <mdounin@mdounin.ru> parents: 1876 diff changeset	441 и может быть создан следующей командой:
1450 f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	442 <example>
1877 aa29a64a5e9d Documented ssl_session_ticket_key 80-byte keys. Maxim Dounin <mdounin@mdounin.ru> parents: 1876 diff changeset	443 openssl rand 80 > ticket.key
1450 f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	444 </example>
1877 aa29a64a5e9d Documented ssl_session_ticket_key 80-byte keys. Maxim Dounin <mdounin@mdounin.ru> parents: 1876 diff changeset	445 В зависимости от размера файла для шифрования будет использоваться либо
aa29a64a5e9d Documented ssl_session_ticket_key 80-byte keys. Maxim Dounin <mdounin@mdounin.ru> parents: 1876 diff changeset	446 AES256 (для 80-байтных ключей, 1.11.8), либо AES128 (для 48-байтных ключей).
1450 f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	447 </para>
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	448
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	449 </directive>
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	450
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	451
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	452 <directive name="ssl_session_tickets">
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	453 <syntax><literal>on</literal> \| <literal>off</literal></syntax>
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	454 <default>on</default>
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	455 <context>stream</context>
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	456 <context>server</context>
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	457
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	458 <para>
1520 ed36e909bc79 Translated stream_ssl_module into Russian. Yaroslav Zhuravlev <yar@nginx.com> parents: 1499 diff changeset	459 Разрешает или запрещает возобновление сессий при помощи
1923 66a30a380fba Fixed links to tools.ietf.org. Ruslan Ermilov <ru@nginx.com> parents: 1877 diff changeset	460 <link url="https://tools.ietf.org/html/rfc5077">TLS session tickets</link>.
1450 f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	461 </para>
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	462
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	463 </directive>
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	464
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	465
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	466 <directive name="ssl_session_timeout">
1520 ed36e909bc79 Translated stream_ssl_module into Russian. Yaroslav Zhuravlev <yar@nginx.com> parents: 1499 diff changeset	467 <syntax><value>время</value></syntax>
1450 f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	468 <default>5m</default>
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	469 <context>stream</context>
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	470 <context>server</context>
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	471
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	472 <para>
1520 ed36e909bc79 Translated stream_ssl_module into Russian. Yaroslav Zhuravlev <yar@nginx.com> parents: 1499 diff changeset	473 Задаёт время, в течение которого клиент может повторно
1785 3fa0944ddc6a Removed info about session cache from ssl_session_timeout. Yaroslav Zhuravlev <yar@nginx.com> parents: 1745 diff changeset	474 использовать параметры сессии.
1450 f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	475 </para>
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	476
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	477 </directive>
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	478
1869 e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	479
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	480 <directive name="ssl_trusted_certificate">
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	481 <syntax><value>файл</value></syntax>
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	482 <default/>
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	483 <context>stream</context>
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	484 <context>server</context>
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	485 <appeared-in>1.11.8</appeared-in>
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	486
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	487 <para>
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	488 Задаёт <value>файл</value> с доверенными сертификатами CA в формате PEM,
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	489 которые используются для <link id="ssl_verify_client">проверки</link>
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	490 клиентских сертификатов.
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	491 </para>
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	492
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	493 <para>
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	494 В отличие от <link id="ssl_client_certificate"/>, список этих сертификатов
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	495 не будет отправляться клиентам.
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	496 </para>
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	497
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	498 </directive>
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	499
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	500
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	501 <directive name="ssl_verify_client">
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	502 <syntax>
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	503 <literal>on</literal> \| <literal>off</literal> \|
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	504 <literal>optional</literal> \| <literal>optional_no_ca</literal></syntax>
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	505 <default>off</default>
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	506 <context>stream</context>
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	507 <context>server</context>
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	508 <appeared-in>1.11.8</appeared-in>
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	509
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	510
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	511 <para>
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	512 Разрешает проверку клиентских сертификатов.
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	513 Результат проверки доступен через переменную
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	514 <link id="var_ssl_client_verify">$ssl_client_verify</link>.
1876 b451f03e0a4b Described behavior of stream ssl_verify_client in case of error. Yaroslav Zhuravlev <yar@nginx.com> parents: 1869 diff changeset	515 Если при проверке клиентского сертификата произошла ошибка
b451f03e0a4b Described behavior of stream ssl_verify_client in case of error. Yaroslav Zhuravlev <yar@nginx.com> parents: 1869 diff changeset	516 или клиент не предоставил требуемый сертификат,
b451f03e0a4b Described behavior of stream ssl_verify_client in case of error. Yaroslav Zhuravlev <yar@nginx.com> parents: 1869 diff changeset	517 соединение закрывается.
1869 e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	518 </para>
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	519
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	520 <para>
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	521 Параметр <literal>optional</literal> запрашивает клиентский
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	522 сертификат, и если сертификат был предоставлен, проверяет его.
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	523 </para>
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	524
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	525 <para>
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	526 Параметр <literal>optional_no_ca</literal>
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	527 запрашивает сертификат
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	528 клиента, но не требует, чтобы он был подписан доверенным сертификатом CA.
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	529 Это предназначено для случаев, когда фактическая проверка сертификата
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	530 осуществляется внешним по отношению к nginx’у сервисом.
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	531 Содержимое сертификата доступно через переменную
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	532 <link id="var_ssl_client_cert">$ssl_client_cert</link>.
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	533 </para>
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	534
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	535 </directive>
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	536
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	537
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	538 <directive name="ssl_verify_depth">
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	539 <syntax><value>число</value></syntax>
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	540 <default>1</default>
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	541 <context>stream</context>
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	542 <context>server</context>
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	543 <appeared-in>1.11.8</appeared-in>
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	544
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	545 <para>
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	546 Устанавливает глубину проверки в цепочке клиентских сертификатов.
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	547 </para>
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	548
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	549 </directive>
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	550
1450 f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	551 </section>
f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	552
1745 0dfb7628bfee Documented variables in ngx_stream_ssl_module. Yaroslav Zhuravlev <yar@nginx.com> parents: 1726 diff changeset	553
0dfb7628bfee Documented variables in ngx_stream_ssl_module. Yaroslav Zhuravlev <yar@nginx.com> parents: 1726 diff changeset	554 <section id="variables" name="Встроенные переменные">
0dfb7628bfee Documented variables in ngx_stream_ssl_module. Yaroslav Zhuravlev <yar@nginx.com> parents: 1726 diff changeset	555
0dfb7628bfee Documented variables in ngx_stream_ssl_module. Yaroslav Zhuravlev <yar@nginx.com> parents: 1726 diff changeset	556 <para>
1790 6da8d19f89c0 Corrected module name in ngx_stream_ssl_module. Yaroslav Zhuravlev <yar@nginx.com> parents: 1785 diff changeset	557 Модуль <literal>ngx_stream_ssl_module</literal> поддерживает переменные
1745 0dfb7628bfee Documented variables in ngx_stream_ssl_module. Yaroslav Zhuravlev <yar@nginx.com> parents: 1726 diff changeset	558 начиная с версии 1.11.2.
0dfb7628bfee Documented variables in ngx_stream_ssl_module. Yaroslav Zhuravlev <yar@nginx.com> parents: 1726 diff changeset	559 <list type="tag">
0dfb7628bfee Documented variables in ngx_stream_ssl_module. Yaroslav Zhuravlev <yar@nginx.com> parents: 1726 diff changeset	560
0dfb7628bfee Documented variables in ngx_stream_ssl_module. Yaroslav Zhuravlev <yar@nginx.com> parents: 1726 diff changeset	561 <tag-name id="var_ssl_cipher"><var>$ssl_cipher</var></tag-name>
0dfb7628bfee Documented variables in ngx_stream_ssl_module. Yaroslav Zhuravlev <yar@nginx.com> parents: 1726 diff changeset	562 <tag-desc>
0dfb7628bfee Documented variables in ngx_stream_ssl_module. Yaroslav Zhuravlev <yar@nginx.com> parents: 1726 diff changeset	563 возвращает строку используемых шифров для установленного SSL-соединения;
0dfb7628bfee Documented variables in ngx_stream_ssl_module. Yaroslav Zhuravlev <yar@nginx.com> parents: 1726 diff changeset	564 </tag-desc>
0dfb7628bfee Documented variables in ngx_stream_ssl_module. Yaroslav Zhuravlev <yar@nginx.com> parents: 1726 diff changeset	565
1857 0882ccb0c00f Documented the $ssl_curves and $ssl_ciphers variables. Yaroslav Zhuravlev <yar@nginx.com> parents: 1790 diff changeset	566 <tag-name id="var_ssl_ciphers"><var>$ssl_ciphers</var></tag-name>
0882ccb0c00f Documented the $ssl_curves and $ssl_ciphers variables. Yaroslav Zhuravlev <yar@nginx.com> parents: 1790 diff changeset	567 <tag-desc>
0882ccb0c00f Documented the $ssl_curves and $ssl_ciphers variables. Yaroslav Zhuravlev <yar@nginx.com> parents: 1790 diff changeset	568 возвращает список шифров, поддерживаемых клиентом (1.11.7).
0882ccb0c00f Documented the $ssl_curves and $ssl_ciphers variables. Yaroslav Zhuravlev <yar@nginx.com> parents: 1790 diff changeset	569 Известные шифры указаны по имени, неизвестные указаны в шестнадцатеричном виде,
0882ccb0c00f Documented the $ssl_curves and $ssl_ciphers variables. Yaroslav Zhuravlev <yar@nginx.com> parents: 1790 diff changeset	570 например:
0882ccb0c00f Documented the $ssl_curves and $ssl_ciphers variables. Yaroslav Zhuravlev <yar@nginx.com> parents: 1790 diff changeset	571 <example>
0882ccb0c00f Documented the $ssl_curves and $ssl_ciphers variables. Yaroslav Zhuravlev <yar@nginx.com> parents: 1790 diff changeset	572 AES128-SHA:AES256-SHA:0x00ff
0882ccb0c00f Documented the $ssl_curves and $ssl_ciphers variables. Yaroslav Zhuravlev <yar@nginx.com> parents: 1790 diff changeset	573 </example>
0882ccb0c00f Documented the $ssl_curves and $ssl_ciphers variables. Yaroslav Zhuravlev <yar@nginx.com> parents: 1790 diff changeset	574 <note>
0882ccb0c00f Documented the $ssl_curves and $ssl_ciphers variables. Yaroslav Zhuravlev <yar@nginx.com> parents: 1790 diff changeset	575 Переменная полностью поддерживается при использовании OpenSSL версии 1.0.2
0882ccb0c00f Documented the $ssl_curves and $ssl_ciphers variables. Yaroslav Zhuravlev <yar@nginx.com> parents: 1790 diff changeset	576 и выше.
0882ccb0c00f Documented the $ssl_curves and $ssl_ciphers variables. Yaroslav Zhuravlev <yar@nginx.com> parents: 1790 diff changeset	577 При использовании более старых версий переменная доступна
0882ccb0c00f Documented the $ssl_curves and $ssl_ciphers variables. Yaroslav Zhuravlev <yar@nginx.com> parents: 1790 diff changeset	578 только для новых сессий и может содержать только известные шифры.
0882ccb0c00f Documented the $ssl_curves and $ssl_ciphers variables. Yaroslav Zhuravlev <yar@nginx.com> parents: 1790 diff changeset	579 </note>
0882ccb0c00f Documented the $ssl_curves and $ssl_ciphers variables. Yaroslav Zhuravlev <yar@nginx.com> parents: 1790 diff changeset	580 </tag-desc>
0882ccb0c00f Documented the $ssl_curves and $ssl_ciphers variables. Yaroslav Zhuravlev <yar@nginx.com> parents: 1790 diff changeset	581
1869 e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	582 <tag-name id="var_ssl_client_cert"><var>$ssl_client_cert</var></tag-name>
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	583 <tag-desc>
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	584 возвращает клиентский сертификат
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	585 для установленного SSL-соединения в формате PEM
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	586 перед каждой строкой которого, кроме первой, вставляется символ табуляции(1.11.8);
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	587 </tag-desc>
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	588
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	589 <tag-name id="var_ssl_client_fingerprint"><var>$ssl_client_fingerprint</var></tag-name>
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	590 <tag-desc>
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	591 возвращает SHA1-отпечаток клиентского сертификата
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	592 для установленного SSL-соединения (1.11.8);
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	593 </tag-desc>
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	594
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	595 <tag-name id="var_ssl_client_i_dn"><var>$ssl_client_i_dn</var></tag-name>
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	596 <tag-desc>
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	597 возвращает строку “issuer DN” клиентского сертификата
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	598 для установленного SSL-соединения согласно
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	599 <link url="https://tools.ietf.org/html/rfc2253">RFC 2253</link> (1.11.8);
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	600 </tag-desc>
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	601
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	602 <tag-name id="var_ssl_client_raw_cert"><var>$ssl_client_raw_cert</var>
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	603 </tag-name>
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	604 <tag-desc>
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	605 возвращает клиентский сертификат
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	606 для установленного SSL-соединения в формате PEM (1.11.8);
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	607 </tag-desc>
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	608
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	609 <tag-name id="var_ssl_client_s_dn"><var>$ssl_client_s_dn</var></tag-name>
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	610 <tag-desc>
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	611 возвращает строку “subject DN” клиентского сертификата
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	612 для установленного SSL-соединения согласно
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	613 <link url="https://tools.ietf.org/html/rfc2253">RFC 2253</link> (1.11.8);
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	614 </tag-desc>
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	615
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	616 <tag-name id="var_ssl_client_serial"><var>$ssl_client_serial</var></tag-name>
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	617 <tag-desc>
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	618 возвращает серийный номер клиентского сертификата
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	619 для установленного SSL-соединения (1.11.8);
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	620 </tag-desc>
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	621
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	622 <tag-name id="var_ssl_client_v_end"><var>$ssl_client_v_end</var></tag-name>
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	623 <tag-desc>
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	624 возвращает дату окончания срока действия клиентского сертификата (1.11.8);
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	625 </tag-desc>
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	626
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	627 <tag-name id="var_ssl_client_v_remain"><var>$ssl_client_v_remain</var></tag-name>
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	628 <tag-desc>
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	629 возвращает число дней,
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	630 оставшихся до истечения срока действия клиентского сертификата (1.11.8);
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	631 </tag-desc>
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	632
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	633 <tag-name id="var_ssl_client_v_start"><var>$ssl_client_v_start</var></tag-name>
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	634 <tag-desc>
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	635 возвращает дату начала срока действия клиентского сертификата (1.11.8);
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	636 </tag-desc>
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	637
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	638 <tag-name id="var_ssl_client_verify"><var>$ssl_client_verify</var></tag-name>
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	639 <tag-desc>
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	640 возвращает результат проверки клиентского сертификата (1.11.8):
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	641 “<literal>SUCCESS</literal>”, “<literal>FAILED:</literal><value>reason</value>”
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	642 и, если сертификат не был предоставлен, “<literal>NONE</literal>”;
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	643 </tag-desc>
e1d0b56c0310 Documented support for client certificate verification in stream. Yaroslav Zhuravlev <yar@nginx.com> parents: 1857 diff changeset	644
1857 0882ccb0c00f Documented the $ssl_curves and $ssl_ciphers variables. Yaroslav Zhuravlev <yar@nginx.com> parents: 1790 diff changeset	645 <tag-name id="var_ssl_curves"><var>$ssl_curves</var></tag-name>
0882ccb0c00f Documented the $ssl_curves and $ssl_ciphers variables. Yaroslav Zhuravlev <yar@nginx.com> parents: 1790 diff changeset	646 <tag-desc>
0882ccb0c00f Documented the $ssl_curves and $ssl_ciphers variables. Yaroslav Zhuravlev <yar@nginx.com> parents: 1790 diff changeset	647 возвращает список кривых, поддерживаемых клиентом (1.11.7).
0882ccb0c00f Documented the $ssl_curves and $ssl_ciphers variables. Yaroslav Zhuravlev <yar@nginx.com> parents: 1790 diff changeset	648 Известные кривые указаны по имени, неизвестные указаны в шестнадцатеричном виде,
0882ccb0c00f Documented the $ssl_curves and $ssl_ciphers variables. Yaroslav Zhuravlev <yar@nginx.com> parents: 1790 diff changeset	649 например:
0882ccb0c00f Documented the $ssl_curves and $ssl_ciphers variables. Yaroslav Zhuravlev <yar@nginx.com> parents: 1790 diff changeset	650 <example>
0882ccb0c00f Documented the $ssl_curves and $ssl_ciphers variables. Yaroslav Zhuravlev <yar@nginx.com> parents: 1790 diff changeset	651 0x001d:prime256v1:secp521r1:secp384r1
0882ccb0c00f Documented the $ssl_curves and $ssl_ciphers variables. Yaroslav Zhuravlev <yar@nginx.com> parents: 1790 diff changeset	652 </example>
0882ccb0c00f Documented the $ssl_curves and $ssl_ciphers variables. Yaroslav Zhuravlev <yar@nginx.com> parents: 1790 diff changeset	653 <note>
0882ccb0c00f Documented the $ssl_curves and $ssl_ciphers variables. Yaroslav Zhuravlev <yar@nginx.com> parents: 1790 diff changeset	654 Переменная поддерживается при использовании OpenSSL версии 1.0.2 и выше.
0882ccb0c00f Documented the $ssl_curves and $ssl_ciphers variables. Yaroslav Zhuravlev <yar@nginx.com> parents: 1790 diff changeset	655 При использовании более старых версий значением переменной будет пустая строка.
0882ccb0c00f Documented the $ssl_curves and $ssl_ciphers variables. Yaroslav Zhuravlev <yar@nginx.com> parents: 1790 diff changeset	656 </note>
0882ccb0c00f Documented the $ssl_curves and $ssl_ciphers variables. Yaroslav Zhuravlev <yar@nginx.com> parents: 1790 diff changeset	657 <note>
0882ccb0c00f Documented the $ssl_curves and $ssl_ciphers variables. Yaroslav Zhuravlev <yar@nginx.com> parents: 1790 diff changeset	658 Переменная доступна только для новых сессий.
0882ccb0c00f Documented the $ssl_curves and $ssl_ciphers variables. Yaroslav Zhuravlev <yar@nginx.com> parents: 1790 diff changeset	659 </note>
0882ccb0c00f Documented the $ssl_curves and $ssl_ciphers variables. Yaroslav Zhuravlev <yar@nginx.com> parents: 1790 diff changeset	660 </tag-desc>
0882ccb0c00f Documented the $ssl_curves and $ssl_ciphers variables. Yaroslav Zhuravlev <yar@nginx.com> parents: 1790 diff changeset	661
1745 0dfb7628bfee Documented variables in ngx_stream_ssl_module. Yaroslav Zhuravlev <yar@nginx.com> parents: 1726 diff changeset	662 <tag-name id="var_ssl_protocol"><var>$ssl_protocol</var></tag-name>
0dfb7628bfee Documented variables in ngx_stream_ssl_module. Yaroslav Zhuravlev <yar@nginx.com> parents: 1726 diff changeset	663 <tag-desc>
0dfb7628bfee Documented variables in ngx_stream_ssl_module. Yaroslav Zhuravlev <yar@nginx.com> parents: 1726 diff changeset	664 возвращает протокол установленного SSL-соединения;
0dfb7628bfee Documented variables in ngx_stream_ssl_module. Yaroslav Zhuravlev <yar@nginx.com> parents: 1726 diff changeset	665 </tag-desc>
0dfb7628bfee Documented variables in ngx_stream_ssl_module. Yaroslav Zhuravlev <yar@nginx.com> parents: 1726 diff changeset	666
0dfb7628bfee Documented variables in ngx_stream_ssl_module. Yaroslav Zhuravlev <yar@nginx.com> parents: 1726 diff changeset	667 <tag-name id="var_ssl_server_name"><var>$ssl_server_name</var></tag-name>
0dfb7628bfee Documented variables in ngx_stream_ssl_module. Yaroslav Zhuravlev <yar@nginx.com> parents: 1726 diff changeset	668 <tag-desc>
0dfb7628bfee Documented variables in ngx_stream_ssl_module. Yaroslav Zhuravlev <yar@nginx.com> parents: 1726 diff changeset	669 возвращает имя сервера, запрошенное через
0dfb7628bfee Documented variables in ngx_stream_ssl_module. Yaroslav Zhuravlev <yar@nginx.com> parents: 1726 diff changeset	670 <link url="http://en.wikipedia.org/wiki/Server_Name_Indication">SNI</link>;
0dfb7628bfee Documented variables in ngx_stream_ssl_module. Yaroslav Zhuravlev <yar@nginx.com> parents: 1726 diff changeset	671 </tag-desc>
0dfb7628bfee Documented variables in ngx_stream_ssl_module. Yaroslav Zhuravlev <yar@nginx.com> parents: 1726 diff changeset	672
0dfb7628bfee Documented variables in ngx_stream_ssl_module. Yaroslav Zhuravlev <yar@nginx.com> parents: 1726 diff changeset	673 <tag-name id="var_ssl_session_id"><var>$ssl_session_id</var></tag-name>
0dfb7628bfee Documented variables in ngx_stream_ssl_module. Yaroslav Zhuravlev <yar@nginx.com> parents: 1726 diff changeset	674 <tag-desc>
0dfb7628bfee Documented variables in ngx_stream_ssl_module. Yaroslav Zhuravlev <yar@nginx.com> parents: 1726 diff changeset	675 возвращает идентификатор сессии установленного SSL-соединения;
0dfb7628bfee Documented variables in ngx_stream_ssl_module. Yaroslav Zhuravlev <yar@nginx.com> parents: 1726 diff changeset	676 </tag-desc>
0dfb7628bfee Documented variables in ngx_stream_ssl_module. Yaroslav Zhuravlev <yar@nginx.com> parents: 1726 diff changeset	677
0dfb7628bfee Documented variables in ngx_stream_ssl_module. Yaroslav Zhuravlev <yar@nginx.com> parents: 1726 diff changeset	678 <tag-name id="var_ssl_session_reused"><var>$ssl_session_reused</var></tag-name>
0dfb7628bfee Documented variables in ngx_stream_ssl_module. Yaroslav Zhuravlev <yar@nginx.com> parents: 1726 diff changeset	679 <tag-desc>
0dfb7628bfee Documented variables in ngx_stream_ssl_module. Yaroslav Zhuravlev <yar@nginx.com> parents: 1726 diff changeset	680 возвращает “<literal>r</literal>”, если сессия была использована повторно,
0dfb7628bfee Documented variables in ngx_stream_ssl_module. Yaroslav Zhuravlev <yar@nginx.com> parents: 1726 diff changeset	681 иначе “<literal>.</literal>”.
0dfb7628bfee Documented variables in ngx_stream_ssl_module. Yaroslav Zhuravlev <yar@nginx.com> parents: 1726 diff changeset	682 </tag-desc>
0dfb7628bfee Documented variables in ngx_stream_ssl_module. Yaroslav Zhuravlev <yar@nginx.com> parents: 1726 diff changeset	683
0dfb7628bfee Documented variables in ngx_stream_ssl_module. Yaroslav Zhuravlev <yar@nginx.com> parents: 1726 diff changeset	684 </list>
0dfb7628bfee Documented variables in ngx_stream_ssl_module. Yaroslav Zhuravlev <yar@nginx.com> parents: 1726 diff changeset	685 </para>
0dfb7628bfee Documented variables in ngx_stream_ssl_module. Yaroslav Zhuravlev <yar@nginx.com> parents: 1726 diff changeset	686
0dfb7628bfee Documented variables in ngx_stream_ssl_module. Yaroslav Zhuravlev <yar@nginx.com> parents: 1726 diff changeset	687 </section>
0dfb7628bfee Documented variables in ngx_stream_ssl_module. Yaroslav Zhuravlev <yar@nginx.com> parents: 1726 diff changeset	688
1450 f5b5eefc43cb Updated commercial docs for the upcoming release. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	689 </module>

Mercurial > hg > nginx-site

annotate xml/ru/docs/stream/ngx_stream_ssl_module.xml @ 2296:e2e71f9477a8