Welcome! Log In Create A New Profile

Advanced

Re: [PATCH] Keepalive: add new option "keepalive_ssl_respect_sni"

Previous Message Next Message
Forum List Message List New Topic Print View
geniuss99
March 16, 2021 10:44AM
Hi.

> SSL sessions are cached in the context of the upstream{} block (or an implicit upstream when using an IP address or a DNS name)
Oh, I didn't think of that. I guess this can be solved by patching the
ngx_http_upstream_round_robin module and saving many sessions per each
upstream peer.

> No, thank you. The issues as observed in the tickets linked should be resolved by using distinct upstream blocks instead.
So what was the reason you rejected the previous patch? Was it because
of breaking ssl sessions caching mechanism?
Or you just didn't see it fit for nginx from the design
(architectural) point of view?

Thanks.
_______________________________________________
nginx-devel mailing list
nginx-devel@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx-devel
Reply Quote
RSS
Subject Author Views Posted

[PATCH] Keepalive: add new option "keepalive_ssl_respect_sni"

geniuss99 375 March 11, 2021 01:30PM

Re: [PATCH] Keepalive: add new option "keepalive_ssl_respect_sni"

Maxim Dounin 107 March 12, 2021 02:38PM

Re: [PATCH] Keepalive: add new option "keepalive_ssl_respect_sni"

geniuss99 105 March 16, 2021 10:44AM

Re: [PATCH] Keepalive: add new option "keepalive_ssl_respect_sni"

Maxim Dounin 107 March 16, 2021 07:26PM

Re: [PATCH] Keepalive: add new option "keepalive_ssl_respect_sni"

geniuss99 150 March 17, 2021 12:18PM



Sorry, you do not have permission to post/reply in this forum.

Online Users

Guests: 142
Record Number of Users: 8 on April 13, 2023
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready