Distributed SSL session cache
Piotr Sikora
piotr at cloudflare.com
Sat Sep 28 18:14:20 UTC 2013
Hi,
> My patch was designed not to use multiple keyfiles and keynames in nginx
> config so it's able to rotate keys with simple logic, only updating keyfile.
IMHO, that makes the key rollover much harder than it should be, that
is: you need to regenerate keyfile with number of older keys + new one
vs just add new key (and optionally remove some of the old ones).
Best regards,
Piotr Sikora
More information about the nginx-devel
mailing list