Directive Reference
[ 256 ]Directive Explanation Context/Default
ssl_session_cache
(mail)Sets the type and size of the SSL
cache to store session parameters.
A cache can be one of the
following types:- off: Clients are told that
sessions won't be reused
at all - none: Clients are told that
sessions are reused, but
they aren't really - builtin: An OpenSSL
builtin cache used by only
one worker with a size
specified in sessions - shared: A cache shared by
all worker processes, given
a name and session size
specified in megabytes
Valid contexts: mail,
server
Default value: nonessl_session_timeout
(http)How long the client can use the
same SSL parameters, provided
they are stored in the cache.Valid contexts: http,
server
Default value: 5m
ssl_session_timeout
(mail)How long the client can use the
same SSL parameters, provided
they are stored in the cache.Valid contexts: mail,
server
Default value: 5m
ssl_stapling Enables stapling of OCSP
responses. The CA certificate
of the server's issuer should be
contained in the file specified by
ssl_trusted_certificate. A
resolver should also be specified
to be able to resolve the OCSP
responder hostname.Valid contexts: http,
server
Default value: offssl_stapling_file The path to a DER-formatted
file containing the stapled OCSP
response.Valid contexts: http,
server
Default value: -
ssl_stapling_
responderA URL specifying the OCSP
responder. Only URLs beginning
with http:// are currently
supported.Valid contexts: http,
server
Default value: -