Mercurial > hg > nginx-site

diff xml/ru/docs/http/ngx_http_ssl_module.xml @ 2618:0b98a81f196b

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Documented the ssl_reject_handshake directive.
author Yaroslav Zhuravlev <yar@nginx.com>
date Tue, 27 Oct 2020 22:07:25 +0000
parents d8bf37d20449
children 78161967514f
line wrap: on
line diff
--- a/xml/ru/docs/http/ngx_http_ssl_module.xml
+++ b/xml/ru/docs/http/ngx_http_ssl_module.xml
@@ -10,7 +10,7 @@
 <module name="Модуль ngx_http_ssl_module"
         link="/ru/docs/http/ngx_http_ssl_module.html"
         lang="ru"
-        rev="50">
+        rev="51">
 
 <section id="summary">
 
@@ -609,6 +609,39 @@ http {
 </directive>
 
 
+<directive name="ssl_reject_handshake">
+<syntax><literal>on</literal> | <literal>off</literal></syntax>
+<default>off</default>
+<context>http</context>
+<context>server</context>
+<appeared-in>1.19.4</appeared-in>
+
+<para>
+Если разрешено, то операции SSL handshake в
+блоке <link doc="ngx_http_core_module.xml" id="server"/> будут отклонены.
+</para>
+
+<para>
+Например в этой конфигурации отклоняются все операции SSL handshake с
+именем сервера, отличным от <literal>example.com</literal>:
+<example>
+server {
+    listen               443 ssl;
+    ssl_reject_handshake on;
+}
+
+server {
+    listen              443 ssl;
+    server_name         example.com;
+    ssl_certificate     example.com.crt;
+    ssl_certificate_key example.com.key;
+}
+</example>
+</para>
+
+</directive>
+
+
 <directive name="ssl_session_cache">
 <syntax>
     <literal>off</literal> |