Nginx中文文档

MailSSL

This module ensures SSL/TLS support for POP3/IMAP/SMTP. Configuration is practically identical to the configuration of the HTTP SSL module, but checking client certificates is not supported.
这个模块使得POP3/IMAP/SMTP可以使用SSL/TLS.配置已经定义了HTTP SSL模块,但是不支持客户端证书检测。

ssl

syntax: ssl on | off

default: ssl off

context: mail, server

Enables SSL/TLS for this virtual server.
在虚拟服务器中启用SSL/TLS

ssl_certificate

syntax: ssl_certificate file

default: cert.pem

context: mail, server

Indicates file with the certificate in PEM format for this virtual server. The same file can contain other certificates, and also secret key in PEM format.
显示虚拟服务器上的PEM格式的证书文件。同一文件可以包含其他的证书和包含PEM格式的安全码。

ssl_certificate_key

syntax: ssl_certificate_key file

default: cert.pem

context: mail, server

Indicates file with the secret key in PEM format for this virtual server.
显示虚拟服务器中PEM格式的安全码文件

ssl_ciphers

syntax: ssl_ciphers file ciphers

default: ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP

context: mail, server

Directive describes the permitted ciphers. Ciphers are assigned in the formats supported by OpenSSL.
指令描述了容许的SSL chiphers.chiphers都被使用了OpenSSL支持的格式.

ssl_prefer_server_ciphers

syntax: ssl_prefer_server_ciphers on | off

default: off

context: mail, server

Requires protocols SSLv3 and TLSv1 server ciphers be preferred over the client's ciphers.
需要SSLv3协议,TLSv1 服务器端米阿么优先于客户端密码

ssl_protocols

syntax: ssl_protocols [SSLv2] [SSLv3] [TLSv1]

default: SSLv2 SSLv3 TLSv1

context: mail, server

Directive enables the protocols indicated.
指令显示协议

ssl_session_cache

syntax: ssl_session_cache [builtin[:size [shared:name:size]

default: builtin:20480

context: mail, server

The directive sets the types and sizes of caches to store the SSL sessions.
指令设置了类型和存储SSL 会话的缓存的大小.
The cache types are:
缓存类型为:

It is possible to use both types of cache simultaneously, for example:
可能同时使用2中类型的缓存,例如
ssl_session_cache  builtin:1000  shared:SSL:10m;

However, the only shared cache usage without that builtin should be more effective.
然而,共享缓存只有在内部缓存之外使用才能产生更好的效果。

ssl_session_timeout

syntax: ssl_session_timeout time

default: 5m

context: mail, server

Assigns the time during which the client can repeatedly use the parameters of the session, which is stored in the cache.
在使用中客户端重复使用的会话参数被存储在缓存中。

starttls

syntax: starttls on | off | only

default: off

context: mail, server