nginx-site: xml/en/docs/stream/ngx_stream_ssl

Documented the ssl_conf_command directive.

author	Yaroslav Zhuravlev <yar@nginx.com>
date	Tue, 27 Oct 2020 22:03:34 +0000
parents	c60a8a15010c
children	78161967514f

comparison

equal deleted inserted replaced

-:3cb2736bb74c
+:d8bf37d20449
 <!DOCTYPE module SYSTEM "../../../../dtd/module.dtd">
 <module name="Module ngx_stream_ssl_module"
 link="/en/docs/stream/ngx_stream_ssl_module.html"
 lang="en"
-rev="22">
+rev="23">
 <section id="summary">
 <para>
 The <literal>ngx_stream_ssl_module</literal> module (1.9.0)
 <para>
 The list of certificates will be sent to clients.
 If this is not desired, the <link id="ssl_trusted_certificate"/>
 directive can be used.
+</para>
+</directive>
+<directive name="ssl_conf_command">
+<syntax><value>command</value></syntax>
+<default/>
+<context>stream</context>
+<context>server</context>
+<appeared-in>1.19.4</appeared-in>
+<para>
+Sets arbitrary OpenSSL configuration
+<link url="https://www.openssl.org/docs/man1.1.1/man3/SSL_CONF_cmd.html">commands</link>.
+<note>
+The directive is supported when using OpenSSL 1.0.2 or higher.
+</note>
+</para>
+<para>
+Several <literal>ssl_conf_command</literal> directives
+can be specified on the same level:
+<example>
+ssl_conf_command Options PrioritizeChaCha;
+ssl_conf_command Ciphersuites TLS_CHACHA20_POLY1305_SHA256;
+</example>
+These directives are inherited from the previous configuration level
+if and only if there are no <literal>ssl_conf_command</literal> directives
+defined on the current level.
+</para>
+<para>
+<note>
+Note that configuring OpenSSL directly
+might result in unexpected behavior.
+</note>
 </para>
 </directive>

Mercurial > hg > nginx-site