Hello!
On Tue, Jul 10, 2018 at 04:59:43PM -0700, Frank Liu wrote:
> When you say "Keepalive is automatically switched off...", do you mean
> nginx will send "Connection: close" as part of the response? What happens
> if client doesn't honor that, and keeps sending another request to the
> existin
Those unsupported ssl version messages should be in "info" level instead of
"crit", just like other SSL related errors.
Applying below patch should make your error log cleaner:
https://nginx.googlesource.com/nginx/+/6853c9c868504432ffadb8a7ca58ce8e50a83450%5E%21/
On Sat, Jul 7, 2018 at 8:38 AM, s
Hi Maxim,
When you say "Keepalive is automatically switched off...", do you mean
nginx will send "Connection: close" as part of the response? What happens
if client doesn't honor that, and keeps sending another request to the
existing connection?
You also mentioned "error codes is generated by ng
Thanks Ray, the SSL Configuration Generator looks really good and modern
config is what I was looking for, I guess.
Posted at Nginx Forum:
https://forum.nginx.org/read.php?2,280475,280487#msg-280487
___
nginx mailing list
nginx@nginx.org
http://mailma
> You may want to update OpenSSL.
Thanks but I did and almost zero browser was able to use draft 26 or 28.
Therefore I downgraded OpenSSL from 1.1.1-pre8 to 1.1.1-pre2 (draft 23).
Although TLS 1.3 has been finalized, Openssl 1.1.1 is still work in
progress.
Tested with latest Opera, Palemoon, B
> On 7 Jul 2018, at 18:38, shiz wrote:
>
> Hi,
>
> I see those messages in my error logs daily.
>
> ```
> 2018/07/07 08:01:32 [crit] 31935#31935: *342781 SSL_do_handshake() failed
> (SSL: error:14209102:SSL
> routines:tls_early_post_process_client_hello:unsupported protocol) while SSL
> hands
Hi
I would like a css file (named theme.css) to be blocked when loading a page
thru nginx. This css file is dynamically created everytime a new page is
loaded.
Wondering is that is possible to block thru nginx rule? If so please give
an example.
Thanks
Hamidul
___
Hello!
On Mon, Jul 09, 2018 at 05:16:36PM -0700, Frank Liu wrote:
> Does nginx automatically disconnect keepalive connection if 5xx response
> code is generated?
Not really. Keepalive is automatically switched off when a
response with one of the following error codes is generated by
nginx its
Hello!
On Tue, Jul 10, 2018 at 07:09:46AM -0400, rudyxie wrote:
> Has the nginx 1.15.x support the 0-RTT early data of TLS1.3 ? I read the
> change logs of nginx 1.15.x and not found it.
Development of the 1.15.x branch is in progress. Support for
0-RTT mode aka early data is still in plans.
Hello!
On Tue, Jul 10, 2018 at 07:06:19AM -0400, rudyxie wrote:
> Has the nginx 1.15.x support the 0-RTT early data of TLS1.3 ? I read the
> change log of nginx 1.15.x and not found it.
Development of the 1.15.x branch is in progress. Support for
0-RTT mode aka early data is still in plans.
-
itpp2012 Wrote:
---
> Have a look here http://nginx-win.ecsds.eu/
Best Nginx for windows builds around :) love itpp2012's work.
He also fixed the concurrent connection limitations and continuously ads
modules like Lua for Nginx into his builds
Hi Jay,
On 10/07/2018 15:07, jstephens wrote:
> Hello,
> With some experience in F5 and NetScaler world but still new to Nginx I have
> been tasked with migrating 50+ public URLs to NGINX Plus configured as
> keepalived HA pair. What would be best SSL configuration to achieve highest
> security s
On Tue, Jul 10, 2018 at 8:07 AM, jstephens
wrote:
> What would be best SSL configuration to achieve highest
> security scores from Qaulys SSLLabs or BitSight ? Can someone recommend or
> share current best SSL config ?
>
Recommend you start with the Mozilla TLS configuration page.
Mozilla Moder
Hello,
With some experience in F5 and NetScaler world but still new to Nginx I have
been tasked with migrating 50+ public URLs to NGINX Plus configured as
keepalived HA pair. What would be best SSL configuration to achieve highest
security scores from Qaulys SSLLabs or BitSight ? Can someone reco
Have a look here http://nginx-win.ecsds.eu/
Posted at Nginx Forum:
https://forum.nginx.org/read.php?2,280470,280474#msg-280474
___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
Has the nginx 1.15.x support the 0-RTT early data of TLS1.3 ? I read the
change logs of nginx 1.15.x and not found it.
Posted at Nginx Forum:
https://forum.nginx.org/read.php?2,280473,280473#msg-280473
___
nginx mailing list
nginx@nginx.org
http://mail
Has the nginx 1.15.x support the 0-RTT early data of TLS1.3 ? I read the
change log of nginx 1.15.x and not found it.
Posted at Nginx Forum:
https://forum.nginx.org/read.php?2,279404,280472#msg-280472
___
nginx mailing list
nginx@nginx.org
http://mailm
Hi Kevin,
On 10/07/2018 13:46, Kevin Mark wrote:
> Hello all,
>
> I was wondering if there was any up-to-date documentation about
> running nginx on Windows in a production environment. The
> official documentation here
> (https://nginx.org/en/docs/windows.html) notes some pretty
> serious limita
Hello all,
I was wondering if there was any up-to-date documentation about running nginx
on Windows in a production environment. The official documentation here
(https://nginx.org/en/docs/windows.html) notes some pretty serious limitations
but its last update was 18 months ago and its last majo
19 matches
Mail list logo
