Encrypted-Session

The Encrypted Session dynamic module provides encryption and decryption support for NGINX variables based on AES-256 with MAC. It is usually used with the Set-Misc dynamic module and the NGINX rewrite module.

Prerequisites

1. Check the Technical Specifications page to verify that the module is supported by your operating system.

2. Prior to installing the module, verify that the NDK module is already installed.

Installation

1. Install the Encrypted Session module package nginx-plus-module-encrypted-session.

   For Amazon Linux 2, CentOS, Oracle Linux, and RHEL:

   yum install nginx-plus-module-encrypted-session
   

   for Amazon Linux 2023, AlmaLinux, Rocky Linux:

   dnf install nginx-plus-module-encrypted-session
   

   For Debian and Ubuntu:

   apt-get install nginx-plus-module-encrypted-session
   

   For SLES:

   zypper install nginx-plus-module-encrypted-session
   

   For Alpine:

   apk add nginx-plus-module-encrypted-session
   

   For FreeBSD:

   pkg install nginx-plus-module-encrypted-session
   

Configuration

After installation you will need to enable and configure the module in F5 NGINX Plus configuration file nginx.conf.

1. Put the load_module directive in the top‑level (“main”) context of NGINX Plus configuration file, nginx.conf:

   load_module modules/ndk_http_module.so;
   load_module modules/ngx_http_encrypted_session_module.so;
   

   Note:
   The directives must be in this order.

2. Perform additional configuration as required by the module.

3. Test the configuration and reload NGINX Plus to enable the module:

   nginx -t && nginx -s reload
   

More Info

• NGINX encrypted-session-nginx-module Module Reference

• NGINX Dynamic Modules

• NGINX Plus Technical Specifications