# HG changeset patch # User Yaroslav Zhuravlev # Date 1403879128 -14400 # Node ID 35cf5dca5fa4409a2cba521b0f2d7fed75c8bfaf # Parent 763db729e6a4170db00e4b4d2c6b07e3c88726d2 SSL: added the ssl_password_file directive. diff -r 763db729e6a4 -r 35cf5dca5fa4 xml/en/docs/http/ngx_http_ssl_module.xml --- a/xml/en/docs/http/ngx_http_ssl_module.xml Tue Jun 24 16:44:56 2014 +0400 +++ b/xml/en/docs/http/ngx_http_ssl_module.xml Fri Jun 27 18:25:28 2014 +0400 @@ -10,7 +10,7 @@ + rev="16">
@@ -283,6 +283,46 @@ + +file + +http +server +1.7.3 + + +Specifies a file with passphrases for +secret keys +where each passphrase is specified on a separate line. +Passphrases are tried in turn when loading the key. + + + +Example: + +http { + ssl_password_file /etc/keys/global.pass; + ... + + server { + server_name www1.example.com; + ssl_certificate_key /etc/keys/first.key; + } + + server { + server_name www2.example.com; + + # named pipe can also be used instead of a file + ssl_password_file /etc/keys/fifo; + ssl_certificate_key /etc/keys/second.key; + } +} + + + + + + on | off off diff -r 763db729e6a4 -r 35cf5dca5fa4 xml/ru/docs/http/ngx_http_ssl_module.xml --- a/xml/ru/docs/http/ngx_http_ssl_module.xml Tue Jun 24 16:44:56 2014 +0400 +++ b/xml/ru/docs/http/ngx_http_ssl_module.xml Fri Jun 27 18:25:28 2014 +0400 @@ -10,7 +10,7 @@ + rev="16">
@@ -282,6 +282,46 @@ + +файл + +http +server +1.7.3 + + +Задаёт файл с паролями от +секретных ключей, +где каждый пароль указан на отдельной строке. +Пароли применяются по очереди в момент загрузки ключа. + + + +Пример: + +http { + ssl_password_file /etc/keys/global.pass; + ... + + server { + server_name www1.example.com; + ssl_certificate_key /etc/keys/first.key; + } + + server { + server_name www2.example.com; + + # вместо файла можно указать именованный канал + ssl_password_file /etc/keys/fifo; + ssl_certificate_key /etc/keys/second.key; + } +} + + + + + + on | off off