ssl_session_tickets

Syntax: ssl_session_tickets on | off; Default: ssl_session_tickets on; Context: mail, server This directive appeared in version 1.5.9. Enables or disables session resumption through TLS session tickets.

ssl_session_tickets

Syntax: ssl_session_tickets on | off; Default: ssl_session_tickets on; Context: http, server This directive appeared in version 1.5.9. Enables or disables session resumption through TLS session tickets.

ssl_session_cache

Syntax: ssl_session_cache off | none | [builtin[:size]] [shared:name:size]; Default: ssl_session_cache none; Context: stream, server Sets the types and sizes of caches that store session parameters. A cache can be of any of the following types: off the use of a session cache is strictly prohibited: nginx explicitly tells a client that sessions may not be reused. none the use of a session cache is gently disallowed: nginx tells a client that sessions may be reus

ssl_session_cache

Syntax: ssl_session_cache off | none | [builtin[:size]] [shared:name:size]; Default: ssl_session_cache none; Context: mail, server Sets the types and sizes of caches that store session parameters. A cache can be of any of the following types: off the use of a session cache is strictly prohibited: nginx explicitly tells a client that sessions may not be reused. none the use of a session cache is gently disallowed: nginx tells a client that sessions may be reused

ssl_session_cache

Syntax: ssl_session_cache off | none | [builtin[:size]] [shared:name:size]; Default: ssl_session_cache none; Context: http, server Sets the types and sizes of caches that store session parameters. A cache can be of any of the following types: off the use of a session cache is strictly prohibited: nginx explicitly tells a client that sessions may not be reused. none the use of a session cache is gently disallowed: nginx tells a client that sessions may be reused

ssl_protocols

Syntax: ssl_protocols [SSLv2] [SSLv3] [TLSv1] [TLSv1.1] [TLSv1.2]; Default: ssl_protocols TLSv1 TLSv1.1 TLSv1.2; Context: stream, server Enables the specified protocols. The TLSv1.1 and TLSv1.2 parameters work only when the OpenSSL library of version 1.0.1 or higher is used.

ssl_protocols

Syntax: ssl_protocols [SSLv2] [SSLv3] [TLSv1] [TLSv1.1] [TLSv1.2]; Default: ssl_protocols TLSv1 TLSv1.1 TLSv1.2; Context: mail, server Enables the specified protocols. The TLSv1.1 and TLSv1.2 parameters work only when the OpenSSL library of version 1.0.1 or higher is used. The TLSv1.1 and TLSv1.2 parameters are supported starting from versions 1.1.13 and 1.0.12 so when the OpenSSL version 1.0.1 or higher is used on older nginx versions, these protocols work,

ssl_protocols

Syntax: ssl_protocols [SSLv2] [SSLv3] [TLSv1] [TLSv1.1] [TLSv1.2]; Default: ssl_protocols TLSv1 TLSv1.1 TLSv1.2; Context: http, server Enables the specified protocols. The TLSv1.1 and TLSv1.2 parameters work only when the OpenSSL library of version 1.0.1 or higher is used. The TLSv1.1 and TLSv1.2 parameters are supported starting from versions 1.1.13 and 1.0.12, so when the OpenSSL version 1.0.1 or higher is used on older nginx versions, these protocols work,

ssl_preread

Syntax: ssl_preread on | off; Default: ssl_preread off; Context: stream, server Enables extracting information from the ClientHello message at the preread phase.

ssl_prefer_server_ciphers

Syntax: ssl_prefer_server_ciphers on | off; Default: ssl_prefer_server_ciphers off; Context: stream, server Specifies that server ciphers should be preferred over client ciphers when the SSLv3 and TLS protocols are used.