proxy_ssl_crl

Syntax: proxy_ssl_crl file; Default: — Context: http, server, location This directive appeared in version 1.7.0. Specifies a file with revoked certificates (CRL) in the PEM format used to verify the certificate of the proxied HTTPS server.

proxy_ssl_certificate_key

Syntax: proxy_ssl_certificate_key file; Default: — Context: stream, server Specifies a file with the secret key in the PEM format used for authentication to a proxied server.

proxy_ssl_ciphers

Syntax: proxy_ssl_ciphers ciphers; Default: proxy_ssl_ciphers DEFAULT; Context: http, server, location This directive appeared in version 1.5.6. Specifies the enabled ciphers for requests to a proxied HTTPS server. The ciphers are specified in the format understood by the OpenSSL library. The full list can be viewed using the “openssl ciphers” command.

proxy_ssl_ciphers

Syntax: proxy_ssl_ciphers ciphers; Default: proxy_ssl_ciphers DEFAULT; Context: stream, server Specifies the enabled ciphers for connections to a proxied server. The ciphers are specified in the format understood by the OpenSSL library. The full list can be viewed using the “openssl ciphers” command.

proxy_ssl_certificate

Syntax: proxy_ssl_certificate file; Default: — Context: http, server, location This directive appeared in version 1.7.8. Specifies a file with the certificate in the PEM format used for authentication to a proxied HTTPS server.

proxy_ssl_certificate_key

Syntax: proxy_ssl_certificate_key file; Default: — Context: http, server, location This directive appeared in version 1.7.8. Specifies a file with the secret key in the PEM format used for authentication to a proxied HTTPS server. The value engine:name:id can be specified instead of the file (1.7.9), which loads a secret key with a specified id from the OpenSSL engine name.

proxy_ssl_certificate

Syntax: proxy_ssl_certificate file; Default: — Context: stream, server Specifies a file with the certificate in the PEM format used for authentication to a proxied server.

proxy_ssl

Syntax: proxy_ssl on | off; Default: proxy_ssl off; Context: stream, server Enables the SSL/TLS protocol for connections to a proxied server.

proxy_set_header

Syntax: proxy_set_header field value; Default: proxy_set_header Host $proxy_host;proxy_set_header Connection close; Context: http, server, location Allows redefining or appending fields to the request header passed to the proxied server. The value can contain text, variables, and their combinations. These directives are inherited from the previous level if and only if there are no proxy_set_header directives defined on the current level. By default, only two fields are redefined:

proxy_set_body

Syntax: proxy_set_body value; Default: — Context: http, server, location Allows redefining the request body passed to the proxied server. The value can contain text, variables, and their combination.