Mercurial > hg > nginx-site
comparison xml/en/docs/http/ngx_http_ssl_module.xml @ 2334:dbe55598d3f6
Added variables support in ssl_certificate and ssl_certificate_key.
author | Yaroslav Zhuravlev <yar@nginx.com> |
---|---|
date | Tue, 26 Feb 2019 18:33:47 +0300 |
parents | e2e71f9477a8 |
children | 8e35f3af574b |
comparison
equal
deleted
inserted
replaced
2333:fb5e1d2d4c75 | 2334:dbe55598d3f6 |
---|---|
8 <!DOCTYPE module SYSTEM "../../../../dtd/module.dtd"> | 8 <!DOCTYPE module SYSTEM "../../../../dtd/module.dtd"> |
9 | 9 |
10 <module name="Module ngx_http_ssl_module" | 10 <module name="Module ngx_http_ssl_module" |
11 link="/en/docs/http/ngx_http_ssl_module.html" | 11 link="/en/docs/http/ngx_http_ssl_module.html" |
12 lang="en" | 12 lang="en" |
13 rev="44"> | 13 rev="45"> |
14 | 14 |
15 <section id="summary"> | 15 <section id="summary"> |
16 | 16 |
17 <para> | 17 <para> |
18 The <literal>ngx_http_ssl_module</literal> module provides the | 18 The <literal>ngx_http_ssl_module</literal> module provides the |
173 With older versions, only one certificate chain can be used. | 173 With older versions, only one certificate chain can be used. |
174 </note> | 174 </note> |
175 </para> | 175 </para> |
176 | 176 |
177 <para> | 177 <para> |
178 Since version 1.15.9, variables can be used in the <value>file</value> name | |
179 when using OpenSSL 1.0.2 or higher: | |
180 <example> | |
181 ssl_certificate $ssl_server_name.crt; | |
182 ssl_certificate_key $ssl_server_name.key; | |
183 </example> | |
184 Note that using variables implies that | |
185 a certificate will be loaded for each SSL handshake, | |
186 and this may have a negative impact on performance. | |
187 </para> | |
188 | |
189 <para> | |
178 It should be kept in mind that due to the HTTPS protocol limitations | 190 It should be kept in mind that due to the HTTPS protocol limitations |
179 for maximum interoperability virtual servers should listen on | 191 for maximum interoperability virtual servers should listen on |
180 <link doc="configuring_https_servers.xml" id="name_based_https_servers">different | 192 <link doc="configuring_https_servers.xml" id="name_based_https_servers">different |
181 IP addresses</link>. | 193 IP addresses</link>. |
182 </para> | 194 </para> |
199 The value | 211 The value |
200 <literal>engine</literal>:<value>name</value>:<value>id</value> | 212 <literal>engine</literal>:<value>name</value>:<value>id</value> |
201 can be specified instead of the <value>file</value> (1.7.9), | 213 can be specified instead of the <value>file</value> (1.7.9), |
202 which loads a secret key with a specified <value>id</value> | 214 which loads a secret key with a specified <value>id</value> |
203 from the OpenSSL engine <value>name</value>. | 215 from the OpenSSL engine <value>name</value>. |
216 </para> | |
217 | |
218 <para> | |
219 Since version 1.15.9, variables can be used in the <value>file</value> name | |
220 when using OpenSSL 1.0.2 or higher. | |
204 </para> | 221 </para> |
205 | 222 |
206 </directive> | 223 </directive> |
207 | 224 |
208 | 225 |