Syntax: proxy_timeout timeout; Default: proxy_timeout 24h; Context: mail, server Sets the timeout between two successive read or write operations on client or proxied server connections. If no data is transmitted within this time, the connection is closed.

Syntax: proxy_ssl_verify_depth number; Default: proxy_ssl_verify_depth 1; Context: stream, server Sets the verification depth in the proxied server certificates chain.

Syntax: proxy_store on | off | string; Default: proxy_store off; Context: http, server, location Enables saving of files to a disk. The on parameter saves files with paths corresponding to the directives alias or root. The off parameter disables saving of files. In addition, the file name can be set explicitly using the string with variables: proxy_store /data/www$original_uri; The modification time of files is set according to the received “Last-Modified” response

Syntax: proxy_store_access users:permissions ...; Default: proxy_store_access user:rw; Context: http, server, location Sets access permissions for newly created files and directories, e.g.: proxy_store_access user:rw group:rw all:r; If any group or all access permissions are specified then user permissions may be omitted: proxy_store_access group:rw all:r;

Syntax: proxy_ssl_verify on | off; Default: proxy_ssl_verify off; Context: http, server, location This directive appeared in version 1.7.0. Enables or disables verification of the proxied HTTPS server certificate.

Syntax: proxy_ssl_verify_depth number; Default: proxy_ssl_verify_depth 1; Context: http, server, location This directive appeared in version 1.7.0. Sets the verification depth in the proxied HTTPS server certificates chain.

Syntax: proxy_ssl_verify on | off; Default: proxy_ssl_verify off; Context: stream, server Enables or disables verification of the proxied server certificate.

Syntax: proxy_ssl_trusted_certificate file; Default: — Context: http, server, location This directive appeared in version 1.7.0. Specifies a file with trusted CA certificates in the PEM format used to verify the certificate of the proxied HTTPS server.

Syntax: proxy_ssl_trusted_certificate file; Default: — Context: stream, server Specifies a file with trusted CA certificates in the PEM format used to verify the certificate of the proxied server.

Syntax: proxy_ssl_session_reuse on | off; Default: proxy_ssl_session_reuse on; Context: http, server, location Determines whether SSL sessions can be reused when working with the proxied server. If the errors “SSL3_GET_FINISHED:digest check failed” appear in the logs, try disabling session reuse.