Hello Maxim! On 9/22/2014 2:38 PM, Maxim Dounin wrote:
Hello!On Mon, Sep 22, 2014 at 01:39:43PM +0200, Richard Fussenegger, BSc wrote: The main problem here is how to share keys between worker processes, to ensure different workers will be able to decrypt tickets. So automatic rotation of ticket keys will likely require shared SSL session cache to be configured as well, and using a SSL session cache to store ticket keys.
Does this mean that a ticket key isn't shared among workers if one is using a single nginx instance with e.g. four workers? Or is the sharing of that ticket key handled by a single SSL_CTX in OpenSSL?
Richard
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ nginx-devel mailing list nginx-devel@nginx.org http://mailman.nginx.org/mailman/listinfo/nginx-devel
