TLS for a generic TCP session?

Preety Mordani preety at mordani.com
Thu May 19 15:50:32 UTC 2016


Hi Maxim,

Thanks for your email. I will take a look.

Best,
Preety

On Thu, May 19, 2016 at 1:38 AM, Maxim Konovalov <maxim at nginx.com> wrote:

> Hi Preety,
>
> On 5/19/16 2:57 AM, Preety Mordani wrote:
> > <Re-sending>
> >
> > Hey All,
> >
> > I was looking over the feature differences between nginx and
> > nginx-plus and its not clear to me if nginx by itself supports TLS
> > termination for a generic TCP session.
> >
> > If it does not support TLS termination for TCP sessions, then are my
> > only other options :
> >
> > 1. building the mainline source with the following options to configure?
> >
> > ./configure --sbin-path=/usr/local/nginx/nginx
> > --conf-path=/usr/local/nginx/bginx.conf
> > --pid-path=/usr/local/nginx/nginx.pid --with-pcre=../pcre-8.38
> > --with-zlib=../zlib-1.2.8 --with-http_ssl_module *--with-stream*
> > --with-mail=dynamic
> > --with-openssl=/home/admin/trial/openssl-1.0.2f/
> > *--with-stream_ssl_module*
> >
> > or
> >
> > 2. use nginx-plus download?
> >
> > Could someone kindly clarify?
> >
> There are no differences between -plus and -oss in this area -- both
> do support TLS termination in the stream module.
>
> Yes, you are right, you need "--with-stream_ssl_module" configure flag.
>
> You can find more information about our nginx-oss packages that we
> build and ship here:
>
> http://nginx.org/en/linux_packages.html#mainline
>
> --
> Maxim Konovalov
>
> _______________________________________________
> nginx mailing list
> nginx at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20160519/8a17c7dc/attachment.html>


More information about the nginx mailing list