Appendix A[ 255 ]Directive Explanation Context/Default
ssl_engine Specifies a hardware SSL
accelerator.Valid context: main
Default value: -ssl_preferserver
ciphers (http)
Indicates that the server ciphers
are to be preferred over the client's
ciphers when using the SSLv3 and
TLS protocols.Valid contexts: http,
server
Default value: offssl_preferserver
ciphers (mail)
Indicates that SSLv3 and TLSv1
server ciphers are preferred over
the client's ciphers.Valid contexts: mail,
server
Default value: offssl_protocols (http) Indicates which SSL protocols
should be enabled.
Valid contexts: http,
server
Default value: SSLv3,
TLSv1, TLSv1.1,
TLSv1.2ssl_protocols (mail) Indicates which SSL protocols
should be enabled.
Valid contexts: mail,
server
Default value: SSLv3,
TLSv1, TLSv1.1,
TLSv1.2ssl_session_cache
(http)
Sets the type and size of the SSL
cache to store session parameters.
A cache can be one of the
following types:- off: Clients are told that
sessions won't be reused
at all - none: Clients are told that
sessions are reused, but
they aren't really - builtin: An OpenSSL
builtin cache used by only
one worker with a size
specified in sessions - shared: A cache shared by
all worker processes, given
a name and session size
specified in megabytes
Valid contexts: http,
server
Default value: none