Analyzer ngx-ssl-server-conf

# Name

ngx-ssl-server-conf - Sample the Server Configurations by Requests

This analyzer samples and analyzes SSL/TLS server configurations based on incoming request patterns in Nginx, OpenResty, and Kong deployments. It captures SSL-related configuration parameters associated with active connections, including cipher suites, protocol versions, and certificate details. The analyzer outputs bar chart visualizations showing configuration distribution across requests, facilitating SSL/TLS security audits and optimization.

# Resource Category

Network I/O.

# Application Type & Technical Stack

• OpenResty
• Kong
• APISIX

# Command Line Syntax

The analyzer can be invoked directly on the command-line via the orxray utility from the openresty-xray-cli software package.

Alternatively, the analyzer can also be invoked manually or automatically on the web console UI of OpenResty XRay (like on the Advanced web page).

# PID is the target process PID.
orxray analyzer run ngx-ssl-server-conf -p PID

# trace a shell command directly
orxray analyzer run ngx-ssl-server-conf -c SHELL_CMD

# PGID is the process group ID or any process's PID within the target process
# group.
orxray analyzer run ngx-ssl-server-conf -p -PGID

# trace any processes started from the specified executable path.
orxray analyzer run ngx-ssl-server-conf --exe /path/to/exe/file

# Tracing Multiple Processes

Supported.

# Output Formats

• Bar Charts
• Plain Texts

# Output Example

[
  {
    "title": "Nginx SSL Session Ticket Number Distribution",
    "subtitle": "",
    "series": {
      "data": {
        "1": 20
      },
      "name": "Handshake Count"
    },
    "ver": 1,
    "type": "bar"
  }
]

# Author

The OpenResty Inc. Team.

# Copyright

Copyright (C) by OpenResty Inc. All rights reserved.