On 9/22/2014 2:38 PM, Maxim Dounin wrote:
Hello!
On Mon, Sep 22, 2014 at 01:39:43PM +0200, Richard Fussenegger, BSc wrote:
I'd like to implement built-in session ticket rotation. I know that it this
was discussed before but it was never implemented. Right now a custom
external ticket key system is supported. Admins with single installations
and not enough knowledge about the topic are left with keys that are valid
for the complete lifetime nginx is running.
That's not really true: ticket keys are regenerated on each
configuration reload.
Maxim, just to clarify, will nginx really use a new key (either via
OpenSSL or key files) upon *reload* or only on *restart*?
In other words, this should do, right?
https://github.com/Fleshgrinder/nginx-sysvinit-script/blob/master/nginx#L116
Richard
_______________________________________________
nginx-devel mailing list
nginx-devel@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx-devel
