Distributed SSL session cache
piotr at cloudflare.com
Sat Sep 28 18:14:20 UTC 2013
> My patch was designed not to use multiple keyfiles and keynames in nginx
> config so it's able to rotate keys with simple logic, only updating keyfile.
IMHO, that makes the key rollover much harder than it should be, that
is: you need to regenerate keyfile with number of older keys + new one
vs just add new key (and optionally remove some of the old ones).
More information about the nginx-devel