Forum List Message List New Topic Print View

A. Schulze

June 22, 2017 05:44AM

B.R. via nginx:

> nginx configuration is parsed/analyzed by nginx master process by design.
> Moreover, TLS configuration is kept at this level if I recall well.
> Thus, the user your master process use needs to have the rights to access
> the specified file.
>
> To reload nginx configuration, you will indeed need to use SIGHUP, as nginx
> control documentation https://nginx.org/en/docs/control.html states.

>> Which process read these files? master or worker?
>> Must it be readable for root only or nginx-user?

OK, looks like master process only read the files.
I changes the mode 0400, ohwner root and at least got no failure after
send SIGUP nginx master process.

>> Must I signal nginx processes the rotation? If yes, how? via SIGHUP?
that's still my open question. which code will use the content of the files
referenced by https://nginx.org/r/ssl_session_ticket_key ?

Andreas

_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Reply Quote

RSS

Subject	Author	Posted
session ticket key rotation	A. Schulze	June 21, 2017 05:46PM
Re: session ticket key rotation	B.R. via nginx	June 22, 2017 04:10AM
Re: session ticket key rotation	A. Schulze	June 22, 2017 05:44AM

Sorry, only registered users may post in this forum.

Click here to login

Online Users

Metasoftbali

Guests: 244

Record Number of Users: 8 on April 13, 2023

Record Number of Guests: 421 on December 02, 2018

session ticket key rotation

Re: session ticket key rotation

Re: session ticket key rotation

Online Users