Encrypted-Session

The Encrypted Session dynamic module provides encryption and decryption support for NGINX variables based on AES-256 with MAC. It is usually used with the Set-Misc dynamic module and the NGINX rewrite module.

Prerequisites

Check the Technical Specifications page to verify that the module is supported by your operating system.
Prior to installing the module, verify that the NDK module is already installed.

Installation

Install the Encrypted Session module package nginx-plus-module-encrypted-session.

For Amazon Linux 2, CentOS, Oracle Linux, and RHEL:

sudo yum update && \
sudo yum install nginx-plus-module-encrypted-session

for Amazon Linux 2023, AlmaLinux, Rocky Linux:

sudo dnf update && \
sudo dnf install nginx-plus-module-encrypted-session

For Debian and Ubuntu:

sudo apt update && \
sudo apt install nginx-plus-module-encrypted-session

For SLES:

sudo zypper refresh && \
sudo zypper install nginx-plus-module-encrypted-session

For Alpine:

apk add nginx-plus-module-encrypted-session

For FreeBSD:

sudo pkg update && \
sudo pkg install nginx-plus-module-encrypted-session

Configuration

After installation you will need to enable and configure the module in F5 NGINX Plus configuration file nginx.conf.

Put the load_module directive in the top‑level (“main”) context of NGINX Plus configuration file, nginx.conf:

load_module modules/ndk_http_module.so;
load_module modules/ngx_http_encrypted_session_module.so;

http {
    # ...
}

Note:
The directives must be in this order.

Perform additional configuration as required by the module.

Test the NGINX Plus configuration. In a terminal, type-in the command:

nginx -t

Expected output of the command:

nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf is successful

Reload the NGINX Plus configuration to enable the module:
nginx -s reload
```
nginx -s reload
```

More Info

View source

Edit this page

Create a new issue