Mercurial > hg > nginx-site
comparison xml/en/docs/http/ngx_http_uwsgi_module.xml @ 1193:0320929f8544
Documented uwsgi_ssl_verify, uwsgi_ssl_server_name, and friends.
author | Ruslan Ermilov <ru@nginx.com> |
---|---|
date | Sat, 17 May 2014 01:55:19 +0400 |
parents | b5268820c3f3 |
children | 5ee8a00f2bc5 |
comparison
equal
deleted
inserted
replaced
1192:b5268820c3f3 | 1193:0320929f8544 |
---|---|
8 <!DOCTYPE module SYSTEM "../../../../dtd/module.dtd"> | 8 <!DOCTYPE module SYSTEM "../../../../dtd/module.dtd"> |
9 | 9 |
10 <module name="Module ngx_http_uwsgi_module" | 10 <module name="Module ngx_http_uwsgi_module" |
11 link="/en/docs/http/ngx_http_uwsgi_module.html" | 11 link="/en/docs/http/ngx_http_uwsgi_module.html" |
12 lang="en" | 12 lang="en" |
13 rev="2"> | 13 rev="3"> |
14 | 14 |
15 <section id="summary"> | 15 <section id="summary"> |
16 | 16 |
17 <para> | 17 <para> |
18 The <literal>ngx_http_uwsgi_module</literal> module allows passing | 18 The <literal>ngx_http_uwsgi_module</literal> module allows passing |
955 </para> | 955 </para> |
956 | 956 |
957 </directive> | 957 </directive> |
958 | 958 |
959 | 959 |
960 <directive name="uwsgi_ssl_crl"> | |
961 <syntax><value>file</value></syntax> | |
962 <default/> | |
963 <context>http</context> | |
964 <context>server</context> | |
965 <context>location</context> | |
966 <appeared-in>1.7.0</appeared-in> | |
967 | |
968 <para> | |
969 Specifies a <value>file</value> with revoked certificates (CRL) | |
970 in the PEM format used to <link id="uwsgi_ssl_verify">verify</link> | |
971 the certificate of the secured uwsgi server. | |
972 </para> | |
973 | |
974 </directive> | |
975 | |
976 | |
977 <directive name="uwsgi_ssl_name"> | |
978 <syntax><value>name</value></syntax> | |
979 <default>host from uwsgi_pass</default> | |
980 <context>http</context> | |
981 <context>server</context> | |
982 <context>location</context> | |
983 <appeared-in>1.7.0</appeared-in> | |
984 | |
985 <para> | |
986 Allows overriding the server name used to | |
987 <link id="uwsgi_ssl_verify">verify</link> | |
988 the certificate of the secured uwsgi server and to be | |
989 <link id="uwsgi_ssl_server_name">passed through SNI</link> | |
990 when establishing a connection with the secured uwsgi server. | |
991 </para> | |
992 | |
993 <para> | |
994 By default, the host part from <link id="uwsgi_pass"/> is used. | |
995 </para> | |
996 | |
997 </directive> | |
998 | |
999 | |
960 <directive name="uwsgi_ssl_protocols"> | 1000 <directive name="uwsgi_ssl_protocols"> |
961 <syntax> | 1001 <syntax> |
962 [<literal>SSLv2</literal>] | 1002 [<literal>SSLv2</literal>] |
963 [<literal>SSLv3</literal>] | 1003 [<literal>SSLv3</literal>] |
964 [<literal>TLSv1</literal>] | 1004 [<literal>TLSv1</literal>] |
975 </para> | 1015 </para> |
976 | 1016 |
977 </directive> | 1017 </directive> |
978 | 1018 |
979 | 1019 |
1020 <directive name="uwsgi_ssl_server_name"> | |
1021 <syntax><literal>on</literal> | <literal>off</literal></syntax> | |
1022 <default>off</default> | |
1023 <context>http</context> | |
1024 <context>server</context> | |
1025 <context>location</context> | |
1026 <appeared-in>1.7.0</appeared-in> | |
1027 | |
1028 <para> | |
1029 Enables or disables passing of the server name through | |
1030 <link url="http://en.wikipedia.org/wiki/Server_Name_Indication">TLS | |
1031 Server Name Indication extension</link> (SNI, RFC 6066) | |
1032 when establishing a connection with the secured uwsgi server. | |
1033 </para> | |
1034 | |
1035 </directive> | |
1036 | |
1037 | |
980 <directive name="uwsgi_ssl_session_reuse"> | 1038 <directive name="uwsgi_ssl_session_reuse"> |
981 <syntax><literal>on</literal> | <literal>off</literal></syntax> | 1039 <syntax><literal>on</literal> | <literal>off</literal></syntax> |
982 <default>on</default> | 1040 <default>on</default> |
983 <context>http</context> | 1041 <context>http</context> |
984 <context>server</context> | 1042 <context>server</context> |
989 Determines whether SSL sessions can be reused when working with | 1047 Determines whether SSL sessions can be reused when working with |
990 a secured uwsgi server. | 1048 a secured uwsgi server. |
991 If the errors | 1049 If the errors |
992 “<literal>SSL3_GET_FINISHED:digest check failed</literal>” | 1050 “<literal>SSL3_GET_FINISHED:digest check failed</literal>” |
993 appear in the logs, try disabling session reuse. | 1051 appear in the logs, try disabling session reuse. |
1052 </para> | |
1053 | |
1054 </directive> | |
1055 | |
1056 | |
1057 <directive name="uwsgi_ssl_trusted_certificate"> | |
1058 <syntax><value>file</value></syntax> | |
1059 <default/> | |
1060 <context>http</context> | |
1061 <context>server</context> | |
1062 <context>location</context> | |
1063 <appeared-in>1.7.0</appeared-in> | |
1064 | |
1065 <para> | |
1066 Specifies a <value>file</value> with trusted CA certificates in the PEM format | |
1067 used to <link id="uwsgi_ssl_verify">verify</link> | |
1068 the certificate of the secured uwsgi server. | |
1069 </para> | |
1070 | |
1071 </directive> | |
1072 | |
1073 | |
1074 <directive name="uwsgi_ssl_verify"> | |
1075 <syntax><literal>on</literal> | <literal>off</literal></syntax> | |
1076 <default>off</default> | |
1077 <context>http</context> | |
1078 <context>server</context> | |
1079 <context>location</context> | |
1080 <appeared-in>1.7.0</appeared-in> | |
1081 | |
1082 <para> | |
1083 Enables or disables verification of the secured uwsgi server certificate. | |
1084 </para> | |
1085 | |
1086 </directive> | |
1087 | |
1088 | |
1089 <directive name="uwsgi_ssl_verify_depth"> | |
1090 <syntax><value>number</value></syntax> | |
1091 <default>1</default> | |
1092 <context>http</context> | |
1093 <context>server</context> | |
1094 <context>location</context> | |
1095 <appeared-in>1.7.0</appeared-in> | |
1096 | |
1097 <para> | |
1098 Sets the verification depth in the secured uwsgi server certificates chain. | |
994 </para> | 1099 </para> |
995 | 1100 |
996 </directive> | 1101 </directive> |
997 | 1102 |
998 | 1103 |