Hello! On Mon, Oct 06, 2014 at 02:45:41PM +0200, Richard Fussenegger, BSc wrote:
> On 9/22/2014 2:38 PM, Maxim Dounin wrote: > >Hello! > > > >On Mon, Sep 22, 2014 at 01:39:43PM +0200, Richard Fussenegger, BSc wrote: > > > >>I'd like to implement built-in session ticket rotation. I know that it this > >>was discussed before but it was never implemented. Right now a custom > >>external ticket key system is supported. Admins with single installations > >>and not enough knowledge about the topic are left with keys that are valid > >>for the complete lifetime nginx is running. > >That's not really true: ticket keys are regenerated on each > >configuration reload. > Maxim, just to clarify, will nginx really use a new key (either via OpenSSL > or key files) upon *reload* or only on *restart*? > > In other words, this should do, right? > https://github.com/Fleshgrinder/nginx-sysvinit-script/blob/master/nginx#L116 Yes, configuration reload is enough. -- Maxim Dounin http://nginx.org/ _______________________________________________ nginx-devel mailing list nginx-devel@nginx.org http://mailman.nginx.org/mailman/listinfo/nginx-devel
