nginx-1.23.2
Maxim Dounin
mdounin at mdounin.ru
Thu Oct 20 20:30:07 UTC 2022
Hello!
On Thu, Oct 20, 2022 at 09:45:17PM +0200, A. Schulze via nginx wrote:
>
>
> Am 19.10.22 um 14:10 schrieb Maxim Dounin:
> > Changes with nginx 1.23.2 19 Oct 2022
> > *) Feature: TLS session tickets encryption keys are now automatically
> > rotated when using shared memory in the "ssl_session_cache"
> > directive.
>
> Hello,
>
> this announcement let me hope, I could throw away my srcipt-foo that rotate
>
> - ssl_session_ticket_key current.key;
> - ssl_session_ticket_key previous.key;
>
> Are there some more hints on how to configure nginx now?
Now for automatic ticket keys rotation it is enough to configure
"ssl_session_cache shared:...", something you likely already have
configured anyway. Everything else will be done by nginx: it will
rotate keys every ssl_session_timeout.
If you are interested in details, see these commits:
http://hg.nginx.org/nginx/rev/0f3d98e4bcc5
http://hg.nginx.org/nginx/rev/043006e5a0b1
Hope this helps.
--
Maxim Dounin
http://mdounin.ru/
More information about the nginx
mailing list