Custom Query (2297 matches)
Results (7 - 9 of 2297)
Ticket | Resolution | Summary | Owner | Reporter |
---|---|---|---|---|
#1234 | fixed | "proxy_ssl_trusted_certificate" is loaded into memory many times when defined in "http" context. | ||
Description |
When enabling This cert bundle is about 250 Kilobytes.
We have thousands of It seems that the cert bundle is loaded many thousands of times into memory (once for each upstream?).
Nginx typically uses ~2GB of memory, but enabling
If the |
|||
#1998 | duplicate | SSL Stapling not preloading OCSP answer | ||
Description |
I use certificates by Let's Encrypt with OCSP MUST STAPLE enabled.
I used Mozilla Firefox to test this issue, and it aborts the request if the OCSP data is missing because of being the first visitor of the website. Chrome seems to ignore the flag. |
|||
#26 | wontfix | feature request about upstream module | ||
Description |
Just wonder if it's possible to change the http upstream module to a non-http module, so it will be easily used to implement load balancers for other protocols like dns_proxy/mysql_proxy that has nothing to do with http protocol. This module is used to choose a server from many, load balancing, fault tolerance and connection caching. All these features can be commonly used for all protocols. and the round robin, hash and keepalive upstream modules are useful and can be easily reused. or just simply change prototype of ngx_http_upstream_init_peer_pt (actually it's almost done after this) from typedef ngx_int_t (*ngx_http_upstream_init_peer_pt)(ngx_http_request_t *r, ngx_http_upstream_srv_conf_t *us); to typedef ngx_int_t (*ngx_http_upstream_init_peer_pt)(ngx_http_upstream_t *upstream, ngx_http_upstream_srv_conf_t *us); and add these fields to ngx_http_upstream_t ngx_log_t *log; ngx_pool_t *pool; thanks~ |