nginx1.94 ssl use TLS1.0.

18620708940 at 18620708940 at
Fri Mar 11 03:32:13 UTC 2016

nginx1.94 ssl use TLS1.0.
server {
        listen 443;

        ssi on;
        ssi_silent_errors on;
        ssi_types text/shtml;

        ssl                  on;
ssl_protocols  TLSv1 TLSv1.1 TLSv1.2;
        ssl_ciphers  HIGH:!aNULL:!MD5;
        ssl_prefer_server_ciphers   on;
but nginx1.6.2 ssl use TLS1.2

18620708940 at
From: Frank Liu
Date: 2016-03-11 06:55
To: nginx
Subject: dns name for upstream

I saw this example at

server {
    set $backend "";
    proxy_pass $backend;

I have a few questions:
1) If the resolver DNS becomes unavailable (say connection timeout), what will nginx do? Will it keep using the old IPs or will it flush the DNS since TTL expires? If later, the proxy will stop working.
2) In the upstream block, I could define "keepalive #", but with this example, how can I do that?
3) This page says "This directive is available as part of our commercial subscription.". Is that still up to date? Can "resolver", "resolver_timeout" be used in free edition now?


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the nginx mailing list