Hello!

On Thu, Oct 20, 2022 at 09:45:17PM +0200, A. Schulze via nginx wrote:

>
>
> Am 19.10.22 um 14:10 schrieb Maxim Dounin:
> > Changes with nginx 1.23.2 19 Oct 2022
> > *) Feature: TLS session tickets encryption keys are now automatically
> > rotated when using shared memory in the "ssl_session_cache"
> > directive.
>
> Hello,
>
> this announcement let me hope, I could throw away my srcipt-foo that rotate
>
> - ssl_session_ticket_key current.key;
> - ssl_session_ticket_key previous.key;
>
> Are there some more hints on how to configure nginx now?

Now for automatic ticket keys rotation it is enough to configure
"ssl_session_cache shared:...", something you likely already have
configured anyway. Everything else will be done by nginx: it will
rotate keys every ssl_session_timeout.

If you are interested in details, see these commits:

http://hg.nginx.org/nginx/rev/0f3d98e4bcc5
http://hg.nginx.org/nginx/rev/043006e5a0b1

Hope this helps.

--
Maxim Dounin
http://mdounin.ru/
_______________________________________________
nginx mailing list -- nginx@nginx.org
To unsubscribe send an email to nginx-leave@nginx.org