Add support for PSK cipher suites patch

Sékine Coulibaly scoulibaly at
Thu Jan 25 16:07:03 UTC 2018


I found a patch here
regarding the PSK spport in Nginx. I can not make the new parameter
ssl_psk_file work.

I applied it to release-1.13.5 successfully.

I updated my nginx.conf to

stream {
  upstream dtls_udp_upstreams {
    hash $remote_addr:remote_port;

  server {
    listen 5684 udp ssl;
    ssl_protocols DTLSv1.2;
    ssl_ciphers PSK-AES128-CBC-SHA;
    ssl_psk_file /tmp/cred.txt;
    ssl_certificate /tmp/server.pem;
    ssl_certificate_key /tmp/server.key;
    proxy_pass dtls_udp_upstreams;

My issue is that although /tmp/cred.txt file exists, Nginx returns :

nginx: [emerg] unknown directive "ssl_psk_file" in /tmp/nginx.conf:26.

I checked the source files, it looks like the patch has been correctly applied.

Would you mind posting the complete/corrected patch I could apply and test ?

I'm using DTLS client with PSK load-balancer and I could experiment the setup.

My patching application looks like :

git checkout release-1.13.5

patch -p1 -i pskpatch.diff

Thank you !
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the nginx mailing list