* 라이센스에 따른 별도 정책 설정됨

 - 이제 각 NGINX Plus 인스턴스에는 JWT 라이선스 파일이 필요합니다. 
 - JWT는 MyF5에서 가져와야 하며 Linux의 경우 /etc/nginx/, FreeBSD의 경우    
   /usr/local/etc/nginx/ 또는 mgmt 컨텍스트의 License_token에 지정된 경로에 있어야 합니다.

 - license Check 를 위한 NGINX one 및 NGINX Instance Manager 를 구성해야 할 수도 있습니다.

 - 해당 NGINX Plus R33 업데이트 관련 문의는 [email protected] 로 문의 부탁드립니다.



------------------------------------------------------------------------------------------------------------

19 November 2024
Based on NGINX Open Source 1.27.2

NGINX Plus R33 is a feature release:

  • Licensing: Each NGINX Plus instance now requires a JWT license file. The JWT must be obtained from MyF5 and is expected to be located at /etc/nginx/ for Linux or /usr/local/etc/nginx/ for FreeBSD or at the path specified by the license_token in the mgmt context.

  • NGINX usage reporting: Usage report is sent to F5 licensing endpoint every hour using the secure connection. The initial usage report should be sent once NGINX Plus starts after installation or upgrade to R33. If the initial usage report is not received by the endpoint, NGINX Plus will stop processing traffic. A 180-day grace period can be enabled to submit the initial usage report.

    Optionally, for network-restricted environments, reporting can be configured to NGINX Instance Manager from which the report can be sent to F5 licensing endpoint.

    For more information about licensing and usage reporting, see About subscription licenses article and ngx_mgmt_module module documentation.

  • OCSP stapling support and client certificate validation with OCSP in the stream module with the ssl_ocsp and ssl_ocsp_responder directives.

  • SSL key logging with the ssl_key_log directive for httpstreamproxygrpcuwsgi that allows logging SSL keys created during client and upstream connections to the file. The argument is a file name in the SSLKEYLOGFILE format compatible with Wireshark.

  • SSL Certificate Caching: Fixed loading of trusted CA bundles containing entries with duplicate Distinguished Name (DN).

  • Change: the ssl_client_certificate directive is not required for client SSL certificates verification.

  • Response trailers support in proxy with the proxy_pass_trailers directive that allows passing trailer fields from a proxied server to a client.

  • The NGINX JavaScript module was updated to version 0.8.7, featuring QuickJS runtime support.

  • Added initial support for Post Quantum Cryptography.

NGINX Plus R33 is supported on:

  • AlmaLinux 8, 9
  • Alpine Linux 3.17, 3.18, 3.19, 3.20
  • Amazon Linux 2 LTS, 2023
  • Debian 11, 12
  • FreeBSD 13, 14
  • Oracle Linux 8.1+, 9
  • RHEL 8.1+, 9.0+
  • Rocky Linux 8, 9
  • SUSE Linux Enterprise Server 12, 15 SP5+
  • Ubuntu 20.04 LTS, 22.04 LTS, 24.04 LTS

Notes:

  • Alpine Linux 3.16 is removed
  • Alpine Linux 3.17 is deprecated
  • Alpine Linux 3.20 is new in this release
  • CentOS 7.4+ is removed
  • RHEL 7.4+ is removed
  • Oracle Linux 7.4+ is removed
  • SUSE Linux Enterprise Server 12 is deprecated
  • support for s390x architecture removed
  • the Lua module is no longer available for SUSE Linux Enterprise Server 12

More information: Announcing NGINX Plus R33