Mercurial > hg > nginx-site
comparison xml/en/docs/stream/ngx_stream_ssl_module.xml @ 2350:8e35f3af574b
Documented the "data:" syntax for ssl_certificate and key.
author | Yaroslav Zhuravlev <yar@nginx.com> |
---|---|
date | Tue, 26 Mar 2019 17:09:15 +0300 |
parents | dbe55598d3f6 |
children | c60a8a15010c |
comparison
equal
deleted
inserted
replaced
2349:0eabe2f4d365 | 2350:8e35f3af574b |
---|---|
7 <!DOCTYPE module SYSTEM "../../../../dtd/module.dtd"> | 7 <!DOCTYPE module SYSTEM "../../../../dtd/module.dtd"> |
8 | 8 |
9 <module name="Module ngx_stream_ssl_module" | 9 <module name="Module ngx_stream_ssl_module" |
10 link="/en/docs/stream/ngx_stream_ssl_module.html" | 10 link="/en/docs/stream/ngx_stream_ssl_module.html" |
11 lang="en" | 11 lang="en" |
12 rev="20"> | 12 rev="21"> |
13 | 13 |
14 <section id="summary"> | 14 <section id="summary"> |
15 | 15 |
16 <para> | 16 <para> |
17 The <literal>ngx_stream_ssl_module</literal> module (1.9.0) | 17 The <literal>ngx_stream_ssl_module</literal> module (1.9.0) |
128 Note that using variables implies that | 128 Note that using variables implies that |
129 a certificate will be loaded for each SSL handshake, | 129 a certificate will be loaded for each SSL handshake, |
130 and this may have a negative impact on performance. | 130 and this may have a negative impact on performance. |
131 </para> | 131 </para> |
132 | 132 |
133 <para id="ssl_certificate_data"> | |
134 The value | |
135 <literal>data</literal>:<value>$variable</value> | |
136 can be specified instead of the <value>file</value> (1.15.10), | |
137 which loads a certificate from a variable without using intermediate files. | |
138 Note that inappropriate use of this syntax may have its security implications, | |
139 such as writing secret key data to | |
140 <link doc="../ngx_core_module.xml" id="error_log">error log</link>. | |
141 </para> | |
142 | |
133 </directive> | 143 </directive> |
134 | 144 |
135 | 145 |
136 <directive name="ssl_certificate_key"> | 146 <directive name="ssl_certificate_key"> |
137 <syntax><value>file</value></syntax> | 147 <syntax><value>file</value></syntax> |
148 The value | 158 The value |
149 <literal>engine</literal>:<value>name</value>:<value>id</value> | 159 <literal>engine</literal>:<value>name</value>:<value>id</value> |
150 can be specified instead of the <value>file</value>, | 160 can be specified instead of the <value>file</value>, |
151 which loads a secret key with a specified <value>id</value> | 161 which loads a secret key with a specified <value>id</value> |
152 from the OpenSSL engine <value>name</value>. | 162 from the OpenSSL engine <value>name</value>. |
163 </para> | |
164 | |
165 <para id="ssl_certificate_key_data"> | |
166 The value | |
167 <literal>data</literal>:<value>$variable</value> | |
168 can be specified instead of the <value>file</value> (1.15.10), | |
169 which loads a secret key from a variable without using intermediate files. | |
170 Note that inappropriate use of this syntax may have its security implications, | |
171 such as writing secret key data to | |
172 <link doc="../ngx_core_module.xml" id="error_log">error log</link>. | |
153 </para> | 173 </para> |
154 | 174 |
155 <para> | 175 <para> |
156 Since version 1.15.9, variables can be used in the <value>file</value> name | 176 Since version 1.15.9, variables can be used in the <value>file</value> name |
157 when using OpenSSL 1.0.2 or higher. | 177 when using OpenSSL 1.0.2 or higher. |