ssl_client_ciphersuites - TLS client ciphers for TLS 1.3, e.g. ssl_client_ciphersuites TLS_AES_128_GCM_SHA256
ssl_server_ciphersuites - TLS server ciphers for TLS 1.3
ssl_client_cipher_list - TLS client ciphers for TLS 1.2 and below , e.g. ssl_client_cipher_list ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-CHACHA20-POLY1305
ssl_server_cipher_list - TLS server ciphers for TLS 1.2 and below
ssl_client_min_proto_version - TLS client min TLS version (e.g. TLSv1.2)
ssl_server_min_proto_version - TLS server min TLS version (e.g. TLSv1.2)
ssl_client_max_proto_version - TLS client max TLS version (e.g. TLSv1.2)
ssl_server_max_proto_version - TLS server max TLS version (e.g. TLSv1.2)
ssl_client_verify - verify certificate for upstream server in TLS client functionality
ssl_client_no_verify - do not verify certificate for upstream server in TLS client functionality (default)
`proxy -g8000,3,10`
First parameter is average read size we want to keep, second parameter is
minimal number of packets in the same direction to apply algorythm,
last value is delay added after polling and prior to reading data.
An example above adds 10 millisecond delay before reading data if average
polling size is below 8000 bytes and 3 read operations are made in the same
direction. It's specially usefule with splice. `logdump 1 1` is useful
to see how grace delays work, choose delay value to avoid filling the read
pipe/buffer (typically 64K) but keep the request sizes close to chosen average
on large file upload/download.
