ktls nginx not working
Sergey Kandaurov
pluknet at nginx.com
Thu Jan 27 14:49:24 UTC 2022
> On 27 Jan 2022, at 17:27, Anoop Alias <anoopalias01 at gmail.com> wrote:
>
> sendfile on;
>
> is there in the http context
>
> I tested with
>
> # TLS Settings
> ssl_protocols TLSv1.2;
> ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384;
>
> which should cover centos8 as mentioned in the blog post?
>
> But it still did not work
> ##########################
>
> Its a KVM vps from hetzner and tls module seems loaded
>
> [root at 65-108-156-104 nginx-1.21.6]# lsmod|grep tls
> tls 102400 0
>
Another thing to check is to make sure
you've actually built OpenSSL with KTLS support
(should be no OPENSSL_NO_KTLS defined in generated includes).
As previously provided, you have several --with-openssl-opt:
--with-openssl-opt=enable-ktls --with-openssl-opt=enable-tls1_3
In this case, only the last one is applied.
To specify several values: --with-openssl-opt="opt1 opt2"
It's also useful to know the actually negotiated ciphersuite.
--
Sergey Kandaurov
More information about the nginx
mailing list