Syntax: auth_request uri | off; Default: auth_request off; Context: http, server, location Enables authorization based on the result of a subrequest and sets the URI to which the subrequest will be sent.

Syntax: auth_request_set variable value; Default: — Context: http, server, location Sets the request variable to the given value after the authorization request completes. The value may contain variables from the authorization request, such as $upstream_http_*.

Syntax: proxy_ssl_trusted_certificate file; Default: — Context: stream, server Specifies a file with trusted CA certificates in the PEM format used to verify the certificate of the proxied server.

Syntax: proxy_ssl_certificate file; Default: — Context: http, server, location This directive appeared in version 1.7.8. Specifies a file with the certificate in the PEM format used for authentication to a proxied HTTPS server.

Syntax: uwsgi_ssl_session_reuse on | off; Default: uwsgi_ssl_session_reuse on; Context: http, server, location This directive appeared in version 1.5.8. Determines whether SSL sessions can be reused when working with a secured uwsgi server. If the errors “SSL3_GET_FINISHED:digest check failed” appear in the logs, try disabling session reuse.

Syntax: js_include file; Default: — Context: stream Specifies a file that implements server and variable handlers in nginScript.

Syntax: proxy_connect_timeout time; Default: proxy_connect_timeout 60s; Context: stream, server Defines a timeout for establishing a connection with a proxied server.

Syntax: fastcgi_intercept_errors on | off; Default: fastcgi_intercept_errors off; Context: http, server, location Determines whether FastCGI server responses with codes greater than or equal to 300 should be passed to a client or be intercepted and redirected to nginx for processing with the error_page directive.

Syntax: ssl_certificate_key file; Default: — Context: http, server Specifies a file with the secret key in the PEM format for the given virtual server. The value engine:name:id can be specified instead of the file (1.7.9), which loads a secret key with a specified id from the OpenSSL engine name.

Syntax: listen address:port [ssl] [backlog=number] [bind] [ipv6only=on|off] [so_keepalive=on|off|[keepidle]:[keepintvl]:[keepcnt]]; Default: — Context: server Sets the address and port for the socket on which the server will accept requests. It is possible to specify just the port. The address can also be a hostname, for example: listen 127.0.0.1:110; listen *:110; listen 110; # same as *:110 listen localhost:110; IPv6 addresses (0.7.58) are specifi