terminate a connection after sending headers

2014-09-01 Thread erankor2
Hi all, In the module I'm developing, I have the possibility of encountering an error after the response headers were already sent. As the headers were already sent (with status 200) the only way for me to signal the error to the client would be to close the connection. I tried calling ngx_http_fi

Re: SSL ciphers preference

2014-09-01 Thread B.R.
Loud and clear. I am no expert at OpenSSL cypher suites. I found that resource that might prove useful on their own website. At least, that is a start to understand what you are do

Re: SSL ciphers preference

2014-09-01 Thread Maxim Dounin
Hello! On Mon, Sep 01, 2014 at 04:56:00PM +0200, B.R. wrote: > Hello, > > I filled a (now closed, because erroneous) enhancement ticket: > http://trac.nginx.org/nginx/ticket/619 > > As it appears, the change I noticed in the SSl test did not result from my > malformed ciphers list. > Right abou

Re: NGINX redirection issue

2014-09-01 Thread manish-ezest
Hello Maxim, Like you suggested I have set "recursive_error_pages" to off but still I am facing the problem. This time I am getting "504 Gateway Time-out" error. I have already shared my NGINX and vhost configuration. We have one fastcgi script running for serving error pages which checks the entr

SSL ciphers preference

2014-09-01 Thread B.R.
Hello, I filled a (now closed, because erroneous) enhancement ticket: http://trac.nginx.org/nginx/ticket/619 As it appears, the change I noticed in the SSl test did not result from my malformed ciphers list. Right about that. However, what is intriguing is the answer Maxim gave me on the second

Re: Compression with Caching

2014-09-01 Thread BrĂ¡ulio Bhavamitra
Thanks Patrick, I meant weak etags, happy to see them on 1.7.3! On Mon, Sep 1, 2014 at 9:24 AM, Patrick Laimbock wrote: > On 01-09-14 14:18, Reinis Rozitis wrote: > >> is there is roadmap for ETags? I really miss that on nginx... >>> >> >> What do you mean by that? >> >> http://nginx.org/en/doc

Re: Compression with Caching

2014-09-01 Thread Patrick Laimbock
On 01-09-14 14:18, Reinis Rozitis wrote: is there is roadmap for ETags? I really miss that on nginx... What do you mean by that? http://nginx.org/en/docs/http/ngx_http_core_module.html#etag on by default since 1.3.3. And from http://nginx.org/en/CHANGES Changes with nginx 1.7.3

Re: Compression with Caching

2014-09-01 Thread Reinis Rozitis
is there is roadmap for ETags? I really miss that on nginx... What do you mean by that? http://nginx.org/en/docs/http/ngx_http_core_module.html#etag on by default since 1.3.3. rr ___ nginx mailing list nginx@nginx.org http://mailman.nginx.org/ma

Re: Compression with Caching

2014-09-01 Thread BrĂ¡ulio Bhavamitra
Maxim, is there is roadmap for ETags? I really miss that on nginx... On Mon, Sep 1, 2014 at 6:41 AM, Maxim Dounin wrote: > Hello! > > On Mon, Sep 01, 2014 at 03:20:23AM -0400, nginxsantos wrote: > > > Any thoughts on this? > > As you already found out, nginx stores responses as got from the > b

Re: Compression with Caching

2014-09-01 Thread Maxim Dounin
Hello! On Mon, Sep 01, 2014 at 03:20:23AM -0400, nginxsantos wrote: > Any thoughts on this? As you already found out, nginx stores responses as got from the backend server. If you want to store compressed responses - they have to be returned compressed by the upstream. If your upstream serv

Re: Compression with Caching

2014-09-01 Thread nginxsantos
Any thoughts on this? Posted at Nginx Forum: http://forum.nginx.org/read.php?2,252885,252979#msg-252979 ___ nginx mailing list nginx@nginx.org http://mailman.nginx.org/mailman/listinfo/nginx

Re: Significant increase in number of connections after renewing SSL certificate

2014-09-01 Thread lpugoy
> What kind of ciphers do you use? Could you paste your ciphers > configuration there? ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_prefer_server_ciphers on; ssl_ciphers "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH+aRSA+RC4 EECDH

Re: Significant increase in number of connections after renewing SSL certificate

2014-09-01 Thread Dewangga
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi, What kind of ciphers do you use? Could you paste your ciphers configuration there? On 9/1/2014 14:11, lpugoy wrote: > To add more information, we have the chain issue "Chain issues: > Contains anchor". But removing it does not help. > > Some mor

Re: Significant increase in number of connections after renewing SSL certificate

2014-09-01 Thread lpugoy
To add more information, we have the chain issue "Chain issues: Contains anchor". But removing it does not help. Some more details: https://prtsc.io/g4QVsY3PUY https://prtsc.io/FmMCjDao4p https://prtsc.io/WZksyPXucM Posted at Nginx Forum: http://forum.nginx.org/read.php?2,252972,252975#msg-25297

Re: Significant increase in number of connections after renewing SSL certificate

2014-09-01 Thread Lukas Tribus
> Hello. > > No, our site's grade is A. Grade is irrelevant. Does it have chain issues or not (read: does ssltest report "chain issues: none")? ___ nginx mailing list nginx@nginx.org http://mailman.nginx.org/m

Re: Significant increase in number of connections after renewing SSL certificate

2014-09-01 Thread lpugoy
Hello. No, our site's grade is A. Our server is still processing requests correctly, so some of the requests succeed but most have an SSL error. Posted at Nginx Forum: http://forum.nginx.org/read.php?2,252972,252974#msg-252974 ___ nginx mailing list n