Mercurial > hg > nginx-site

comparison xml/en/docs/stream/ngx_stream_ssl_preread_module.xml @ 1798:59d1f512c3a0

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Documented the ngx_stream_ssl_preread_module module.
author Yaroslav Zhuravlev <yar@nginx.com>
date Wed, 21 Sep 2016 20:46:16 +0300
parents
children 9f7e12cf974f
comparison
equal deleted inserted replaced
1797:be868c8f6e9c 1798:59d1f512c3a0
1 <?xml version="1.0"?>
2
3 <!--
4 Copyright (C) Nginx, Inc.
5 -->
6
7 <!DOCTYPE module SYSTEM "../../../../dtd/module.dtd">
8
9 <module name="Module ngx_stream_ssl_preread_module"
10 link="/en/docs/stream/ngx_stream_ssl_preread_module.html"
11 lang="en"
12 rev="1">
13
14 <section id="summary">
15
16 <para>
17 The <literal>ngx_stream_ssl_preread_module</literal> module (1.11.5) allows
18 extracting information from the
19 <link url="https://tools.ietf.org/html/rfc5246#section-7.4.1.2">ClientHello</link>
20 message without terminating SSL/TLS,
21 for example, the sever name requested through
22 <link url="https://tools.ietf.org/html/rfc6066#section-3">SNI</link>.
23 This module is not built by default, it should be enabled with the
24 <literal>--with-stream_ssl_preread_module</literal>
25 configuration parameter.
26 </para>
27
28 </section>
29
30
31 <section id="example" name="Example Configuration">
32
33 <para>
34 <example>
35 map $ssl_preread_server_name $name {
36 backend.example.com backend;
37 default backend2;
38 }
39
40 upstream backend {
41 server 192.168.0.1:12345;
42 server 192.168.0.2:12345;
43 }
44
45 upstream backend2 {
46 server 192.168.0.3:12345;
47 server 192.168.0.4:12345;
48 }
49
50 server {
51 listen 12346;
52 proxy_pass $name;
53 ssl_preread on;
54 }
55 </example>
56
57 </para>
58
59 </section>
60
61
62 <section id="directives" name="Directives">
63
64 <directive name="ssl_preread">
65 <syntax><literal>on</literal> | <literal>off</literal></syntax>
66 <default>off</default>
67 <context>stream</context>
68 <context>server</context>
69
70 <para>
71 Enables extracting information from the ClientHello message at
72 the <link doc="stream_processing.xml" id="preread_phase">preread</link> phase.
73 </para>
74
75 </directive>
76
77 </section>
78
79
80 <section id="variables" name="Embedded Variables">
81
82 <para>
83 <list type="tag">
84
85 <tag-name id="var_ssl_preread_server_name"><var>$ssl_preread_server_name</var></tag-name>
86 <tag-desc>
87 returns the server name requested through SNI
88 </tag-desc>
89
90 </list>
91 </para>
92
93 </section>
94
95 </module>