I've installed v1.25 nginx -V nginx version: nginx/1.25.0 (Local Build) built with OpenSSL 3.0.8 7 Feb 2023 TLS SNI support enabled configure arguments: --with-debug ... --with-http_v2_module --with-http_v3_module ... First tries on my existing site that frontends php-fpm, uses ssl cache, etc config-checks with NO errors, and execs with NO errors. But, I see no http3 protocol respoby pgn - Nginx Development
>> GCC 13 is not released yet, right? > > "Real Soon Now (tm)" fyi, https://gcc.gnu.org/gcc-13 April 26, 2023 The GCC developers are pleased to announce the release of GCC 13.1. _______________________________________________ nginx-devel mailing list nginx-devel@nginx.org https://mailman.nginx.org/mailman/listinfo/nginx-develby pgn - Nginx Development
> GCC 13 is not released yet, right? "Real Soon Now (tm)" GCC 13.0.1 Status Report (2023-04-17) https://gcc.gnu.org/pipermail/gcc/2023-April/241140.html It's in the Fedora 38 release, which dropped today: Fedora 38 Released With GNOME 44 Desktop, GCC 13, Many New Features https://www.phoronix.com/news/Fedora-38-Released gcc -v Using built-in specs. COLLECT_GCC=gccby pgn - Nginx Development
I'm building nginx mainline v1.24 on Fedora. on F37, with gcc 12, gcc --version gcc (GCC) 12.2.1 20221121 (Red Hat 12.2.1-4) Copyright (C) 2022 Free Software Foundation, Inc. This is free software; see the source for copying conditions. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. build's good. Upgrading to today's new/latest F38, with gccby pgn - Nginx Development
> Do you have the certificate that has that value as the Subject? What > is that certificate's Issuer? And repeat until you get to the root > certificate. > > And which of the ssl*certificate files named in your config holds those certificates? i verified all my certs/chains. all good. with my orig conf, it appears i can't manage to grab/verify ssl client FP's for other-than-primby pgn - Nginx Mailing List - English
> What does the error_log say about this request and response? nothing that's giving me a hint i recognize, ... 2023/03/21 18:52:14 4955#4955: *7 http2 header: "cache-control: no-cache" 2023/03/21 18:52:14 4955#4955: *7 http2 encoded string, len:2 2023/03/21 18:52:14 4955#4955: *7 http2 encoded string, len:6 2023/03/21 18:52:14 4955#4955: *7 http2 table add: "te: trailby pgn - Nginx Mailing List - English
i run nginx -v nginx version: nginx/1.23.3 (COPR Build) the server's setup to use LE certs server { ... ssl_trusted_certificate "/www/sec/le/deploy/otherexample.com/intermediate_ca.ec.crt.pem"; ssl_certificate "/www/sec/le/deploy/otherexample.com/fullchain.ec.crt.pem"; ssl_certificate_key "/www/sec/le/deploy/otherexample.com/priv.by pgn - Nginx Mailing List - English
hi, > The error message suggests there is something wrong with DNS on> your host. > If this happens only on boot but not when you restart/reload nginx > after boot, ah. testing, yep, that does seem to be the case > this might indicate that DNS is not yet properly > available when nginx starts. One possible reason is that nginx > systemd service is not properly configuredby pgn - Nginx Mailing List - English
i run nginx -v nginx version: nginx/1.23.3 (Local Build) nginx is launched on boot with a systemd service my site's ssl enabled, using letsencrypt certs in my boot logs, i see Feb 15 11:54:03 svr017 nginx[912]: nginx: "ssl_stapling" ignored, host not found in OCSP responder "r3.o.lencr.org/" in the certificate "/sec/svr017/fullchain.ec.crt.pem" nginx site cby pgn - Nginx Mailing List - English
I have a single Nginx server configured to listen on two IPs on my VPS host -- an external/public IP (X.X.X.55) and an internal/LAN IP (10.10.10.55). Atm, it's a *single* "server_name" (host.example.com) for both IPs ... handled by a split-horizon DNS that returns the IP address for that hostname depending on the query origin -- public net, or internal LAN. It works as expected.by pgn - Nginx Mailing List - English
On Thu, Jul 12, 2012 at 2:30 PM, Maxim Dounin <mdounin@mdounin.ru> wrote: > SPDY changes nothing here. Or, more stictly, it makes SSL > compression even more pointless, as it introduces headers > compression on it's own layer. clear, thanks. leaving it alone ... _______________________________________________ nginx-devel mailing list nginx-devel@nginx.org http://mailman.nginx.orby pgn - Nginx Development
I'm running nginx 1.3.3 + spdy/47 SPDY's enabled and functioning. At least it's seen in headers, detected by browsers, etc. In Chromium, SSL site-cert popup reports "The connection does not use SSL compression." Reading SSL, Compression, and You http://www.belshe.com/2010/11/18/ssl-compression-and-you/ Nginx memory usage with SSL http://www.toofishes.net/blog/nginx-memory-uby pgn - Nginx Development
Done. Reading the docs, it's not clear to me -- or others apparently: http://kromey.us/2011/06/named-based-virtual-hosts-with-nginx-on-ipv6-423.html http://serverfault.com/questions/277653/nginx-name-based-virtual-hosts-on-ipv6 -- that ipv6only=on can only be specified once ... While some 'additional parameters' on the listen line are restricted in this manner, others -- e.g., ssl,by pgn - Nginx Mailing List - English
Sorry, I don't understand your point. Why is this ok, and fully functional? --------------------------------- server { server_name test1.loc; listen 10.0.0.1:443; ... server {server_name test2.loc; listen 10.0.0.1:443; ... --------------------------------- but this is not? --------------------------------- server { server_name test1.loc; listen [2001:xxx:xxxx:xxx::1]:443 ipv6onlyby pgn - Nginx Mailing List - English
I run src-built nginx/1.3.2 on linux/64. I have two nginx vhosts enabled: site 1) ... server { server_name test1.loc; listen 10.0.0.1:443; listen [2001:xxx:xxxx:xxx::1]:443 ipv6only=on; ... site 2) ... server { server_name test2.loc; listen 10.0.0.1:443 default; # listen [2001:xxx:xxxx:xxx::1]:443 ipv6only=on; ... With this cby pgn - Nginx Mailing List - English