Mercurial > hg > nginx-site
comparison xml/en/docs/stream/ngx_stream_ssl_module.xml @ 2334:dbe55598d3f6
Added variables support in ssl_certificate and ssl_certificate_key.
author | Yaroslav Zhuravlev <yar@nginx.com> |
---|---|
date | Tue, 26 Feb 2019 18:33:47 +0300 |
parents | e2e71f9477a8 |
children | 8e35f3af574b |
comparison
equal
deleted
inserted
replaced
2333:fb5e1d2d4c75 | 2334:dbe55598d3f6 |
---|---|
7 <!DOCTYPE module SYSTEM "../../../../dtd/module.dtd"> | 7 <!DOCTYPE module SYSTEM "../../../../dtd/module.dtd"> |
8 | 8 |
9 <module name="Module ngx_stream_ssl_module" | 9 <module name="Module ngx_stream_ssl_module" |
10 link="/en/docs/stream/ngx_stream_ssl_module.html" | 10 link="/en/docs/stream/ngx_stream_ssl_module.html" |
11 lang="en" | 11 lang="en" |
12 rev="19"> | 12 rev="20"> |
13 | 13 |
14 <section id="summary"> | 14 <section id="summary"> |
15 | 15 |
16 <para> | 16 <para> |
17 The <literal>ngx_stream_ssl_module</literal> module (1.9.0) | 17 The <literal>ngx_stream_ssl_module</literal> module (1.9.0) |
116 for different certificates. | 116 for different certificates. |
117 With older versions, only one certificate chain can be used. | 117 With older versions, only one certificate chain can be used. |
118 </note> | 118 </note> |
119 </para> | 119 </para> |
120 | 120 |
121 <para> | |
122 Since version 1.15.9, variables can be used in the <value>file</value> name | |
123 when using OpenSSL 1.0.2 or higher: | |
124 <example> | |
125 ssl_certificate $ssl_server_name.crt; | |
126 ssl_certificate_key $ssl_server_name.key; | |
127 </example> | |
128 Note that using variables implies that | |
129 a certificate will be loaded for each SSL handshake, | |
130 and this may have a negative impact on performance. | |
131 </para> | |
132 | |
121 </directive> | 133 </directive> |
122 | 134 |
123 | 135 |
124 <directive name="ssl_certificate_key"> | 136 <directive name="ssl_certificate_key"> |
125 <syntax><value>file</value></syntax> | 137 <syntax><value>file</value></syntax> |
136 The value | 148 The value |
137 <literal>engine</literal>:<value>name</value>:<value>id</value> | 149 <literal>engine</literal>:<value>name</value>:<value>id</value> |
138 can be specified instead of the <value>file</value>, | 150 can be specified instead of the <value>file</value>, |
139 which loads a secret key with a specified <value>id</value> | 151 which loads a secret key with a specified <value>id</value> |
140 from the OpenSSL engine <value>name</value>. | 152 from the OpenSSL engine <value>name</value>. |
153 </para> | |
154 | |
155 <para> | |
156 Since version 1.15.9, variables can be used in the <value>file</value> name | |
157 when using OpenSSL 1.0.2 or higher. | |
141 </para> | 158 </para> |
142 | 159 |
143 </directive> | 160 </directive> |
144 | 161 |
145 | 162 |