ssl_password_file

Syntax:	`ssl_password_file file;`
Default:	—
Context:	`http`, `server`

This directive appeared in version 1.7.3.

Specifies a file with passphrases for secret keys where each passphrase is specified on a separate line. Passphrases are tried in turn when loading the key.

Example:

http {
    ssl_password_file /etc/keys/global.pass;
    ...

    server {
        server_name www1.example.com;
        ssl_certificate_key /etc/keys/first.key;
    }

    server {
        server_name www2.example.com;

        # named pipe can also be used instead of a file
        ssl_password_file /etc/keys/fifo;
        ssl_certificate_key /etc/keys/second.key;
    }
}

Links:

https://nginx.org/en/docs/http/ngx_http_ssl_module.html#ssl_password_file

doc_nginx

2017-02-09 07:09:27

Comments