Re: Differing ocsp responses

2016-06-28 Thread Kurt Cancemi
Hello, Nginx uses a per-worker OCSP cache. On Tuesday, June 28, 2016, CJ Ess wrote: > I think I've got OCSP stapling set up correctly with Nginx (1.9.0). I am > seeing valid OCSP responses; however, if I keep querying the same server I > also frequently see "No response". The OCSP responses are va

Differing ocsp responses

2016-06-28 Thread CJ Ess
I think I've got OCSP stapling set up correctly with Nginx (1.9.0). I am seeing valid OCSP responses; however, if I keep querying the same server I also frequently see "No response". The OCSP responses are valid for seven days. Is each worker doing its own OCSP query independently of the others? Or is

Nginx can not use more than 1024 log?

2016-06-28 Thread Alexandre
Hello everyone, I think the open file problem has already been mentioned. Here is the error --- 2016/06/28 21:12:41 [emerg] 1539#1539: open() "/var/log/nginx/xxx-xxx-xx_error.log" failed (24: Too many open files) --- I use 531 virtual hosts, each one of the virtual hosts uses 2 log files (access_log and

Query re: upstreams and two protocols

2016-06-28 Thread Steve Howe
Hi all, First time posting here so apologies for any faux pas etc... I have an nginx config where I have a server block, a location block and a proxypass in the location block, pointing to an upstream. The upstream has, at this point, 3 servers in it. All 3 servers are in the same VPN. The p

Re: Is there an original source linking Qualys report codes to codes in nginx configuration?

2016-06-28 Thread Alan Orth
There is a correspondence table on the Mozilla Server Side TLS wiki: https://wiki.mozilla.org/Security/Server_Side_TLS#Cipher_names_correspondence_table Regards, On Tue, Jun 28, 2016 at 6:22 AM vfclists . wrote: > >

Re: Is there an original source linking Qualys report codes to codes in nginx configuration?

2016-06-28 Thread B.R.
nginx deals with an underlying library to manage TLS-ciphered content. The webserver merely sends configuration data to it on startup/reload and uses this library to do the actual (en/de)ciphering job. The one officially supported is OpenSSL, for which cipher strings and cipher suites are listed i