Mercurial > hg > nginx-site
diff xml/en/docs/http/ngx_http_ssl_module.xml @ 1726:a0bc284941f6
Documented multiple certificates support.
| author | Maxim Dounin <mdounin@mdounin.ru> |
|---|---|
| date | Tue, 07 Jun 2016 19:00:50 +0300 |
| parents | 67b5aac350e4 |
| children | 3fa0944ddc6a |
line wrap: on
line diff
--- a/xml/en/docs/http/ngx_http_ssl_module.xml Tue Jun 07 19:00:39 2016 +0300 +++ b/xml/en/docs/http/ngx_http_ssl_module.xml Tue Jun 07 19:00:50 2016 +0300 @@ -10,7 +10,7 @@ <module name="Module ngx_http_ssl_module" link="/en/docs/http/ngx_http_ssl_module.html" lang="en" - rev="22"> + rev="23"> <section id="summary"> @@ -146,6 +146,32 @@ </para> <para> +Since version 1.11.0, +this directive can be specified multiple times +to load certificates of different types, for example, RSA and ECDSA: +<example> +server { + listen 443 ssl; + server_name example.com; + + ssl_certificate example.com.rsa.crt; + ssl_certificate_key example.com.rsa.key; + + ssl_certificate example.com.ecdsa.crt; + ssl_certificate_key example.com.ecdsa.key; + + ... +} +</example> +<note> +Only OpenSSL 1.0.2 or higher supports separate +<link doc="configuring_https_servers.xml" id="chains">certificate chains</link> +for different certificates. +With older versions, only one certificate chain can be used. +</note> +</para> + +<para> It should be kept in mind that due to the HTTPS protocol limitations virtual servers should listen on different IP addresses: <example>