Encrypting HTTP traffic with Transport Layer Security (TLS) prevents tampering and eavesdropping. Learn all about implementing TLS with NGINX in our on-demand webinar.
NGINX Plus R28 introduces TLS metrics for handshake errors and certificate verification failures, support for PROXY protocol v2 in cloud private services, and more.
Simplify cert management by providing unique, automatically renewed and updated certificates to your endpoints.
NGINX Plus R27 introduces keepalive connections for health checks, support for Kernel TLS, more TLS metrics, custom error codes for JWT validation failures, and more.
NGINX Unit 1.23.0 and 1.24.0 introduce support for the SNI extension to TLS, definition of OpenSSL configuration commands, MIME filtering and path restrictions for static content, and multiple Python scripts in one app. Also, you no longer need to modify Node.js apps to run them in Unit.
Learn how to use the Let’s Encrypt client to generate RSA certificates and automatically configure NGINX to use the newly issued certificates.
With the Fortanix Self-Defending Key Management Service, you can offload TLS crytographic processing from your NGINX and NGINX Plus servers, and safely store your TLS keys for on-demand uploading into the NGINX Plus key-value store. We provide complete instructions for both use cases.
In high-security environments, it's important to store sensitive data like SSL certificate-key pairs in memory only, not on disk. Here we show how to generate ephemeral SSL key pairs using HashiCorp Vault and store them in the in-memory NGINX Plus key-value store.
In this installment of our "Ask NGINX" series, we discuss how NGINX and NGINX Plus work with Diffie-Hellman, support for Datagram Transport Layer Security, how to control the lifetime of content in the cache, and how to add NGINX ModSecurity WAF to an NGINX Plus subscription.