Mercurial > hg > nginx-site
comparison xml/en/docs/stream/ngx_stream_ssl_module.xml @ 1726:a0bc284941f6
Documented multiple certificates support.
author | Maxim Dounin <mdounin@mdounin.ru> |
---|---|
date | Tue, 07 Jun 2016 19:00:50 +0300 |
parents | 38fb3e6b71e8 |
children | 0dfb7628bfee |
comparison
equal
deleted
inserted
replaced
1725:67b5aac350e4 | 1726:a0bc284941f6 |
---|---|
7 <!DOCTYPE module SYSTEM "../../../../dtd/module.dtd"> | 7 <!DOCTYPE module SYSTEM "../../../../dtd/module.dtd"> |
8 | 8 |
9 <module name="Module ngx_stream_ssl_module" | 9 <module name="Module ngx_stream_ssl_module" |
10 link="/en/docs/stream/ngx_stream_ssl_module.html" | 10 link="/en/docs/stream/ngx_stream_ssl_module.html" |
11 lang="en" | 11 lang="en" |
12 rev="7"> | 12 rev="8"> |
13 | 13 |
14 <section id="summary"> | 14 <section id="summary"> |
15 | 15 |
16 <para> | 16 <para> |
17 The <literal>ngx_stream_ssl_module</literal> module (1.9.0) | 17 The <literal>ngx_stream_ssl_module</literal> module (1.9.0) |
87 for the given server. | 87 for the given server. |
88 If intermediate certificates should be specified in addition to a primary | 88 If intermediate certificates should be specified in addition to a primary |
89 certificate, they should be specified in the same file in the following | 89 certificate, they should be specified in the same file in the following |
90 order: the primary certificate comes first, then the intermediate certificates. | 90 order: the primary certificate comes first, then the intermediate certificates. |
91 A secret key in the PEM format may be placed in the same file. | 91 A secret key in the PEM format may be placed in the same file. |
92 </para> | |
93 | |
94 <para> | |
95 Since version 1.11.0, | |
96 this directive can be specified multiple times | |
97 to load certificates of different types, for example, RSA and ECDSA: | |
98 <example> | |
99 server { | |
100 listen 12345 ssl; | |
101 | |
102 ssl_certificate example.com.rsa.crt; | |
103 ssl_certificate_key example.com.rsa.key; | |
104 | |
105 ssl_certificate example.com.ecdsa.crt; | |
106 ssl_certificate_key example.com.ecdsa.key; | |
107 | |
108 ... | |
109 } | |
110 </example> | |
111 <note> | |
112 Only OpenSSL 1.0.2 or higher supports separate certificate chains | |
113 for different certificates. | |
114 With older versions, only one certificate chain can be used. | |
115 </note> | |
92 </para> | 116 </para> |
93 | 117 |
94 </directive> | 118 </directive> |
95 | 119 |
96 | 120 |