nginx1.94 ssl use TLS1.0.

18620708940 at 163.com 18620708940 at 163.com
Fri Mar 11 03:32:13 UTC 2016


nginx1.94 ssl use TLS1.0.
server {
        listen 443;
        server_name a.com;

        ssi on;
        ssi_silent_errors on;
        ssi_types text/shtml;

        ssl                  on;
     ssl_certificate      
ssl_certificate_key
ssl_protocols  TLSv1 TLSv1.1 TLSv1.2;
        ssl_ciphers  HIGH:!aNULL:!MD5;
        ssl_prefer_server_ciphers   on;
....}
but nginx1.6.2 ssl use TLS1.2



18620708940 at 163.com
 
From: Frank Liu
Date: 2016-03-11 06:55
To: nginx
Subject: dns name for upstream
Hi,

I saw this example at serverfault.com:

server {
    ...
    resolver 127.0.0.1;
    set $backend "http://dynamic.example.com:80";
    proxy_pass $backend;
    ...
}

I have a few questions:
1) If the resolver DNS becomes unavailable (say connection timeout), what will nginx do? Will it keep using the old IPs or will it flush the DNS since TTL expires? If later, the proxy will stop working.
2) In the upstream block, I could define "keepalive #", but with this example, how can I do that?
3) This page http://nginx.org/en/docs/stream/ngx_stream_core_module.html#resolver says "This directive is available as part of our commercial subscription.". Is that still up to date? Can "resolver", "resolver_timeout" be used in free edition now?

Thanks!
Frank


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20160311/6a993092/attachment.html>


More information about the nginx mailing list