From d381e5030d3275e407f1a55525c5d5f557de0019 Mon Sep 17 00:00:00 2001
From: Denis Denisov <denji0k@gmail.com>
Date: Fri, 27 Jul 2018 00:42:21 +0300
Subject: [PATCH] Selecting based on SSL/TLS protocol version

http://nginx.org/en/docs/stream/ngx_stream_ssl_preread_module.html#example
---
 README.md | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)

diff --git a/README.md b/README.md
index c5e2c25..bd22c7b 100644
--- a/README.md
+++ b/README.md
@@ -227,6 +227,23 @@ Socket Sharding in NGINX 1.9.1+ (DragonFly BSD and Linux 3.9+)
 [Multi-threaded](https://nginx.org/r/aio) sending of files is currently supported only Linux.
 Without [`sendfile_max_chunk`](https://nginx.org/r/sendfile_max_chunk) limit, one fast connection may seize the worker process entirely.
 
+Selecting an upstream based on SSL protocol version
+---------------------------------------------------
+```nginx
+map $ssl_preread_protocol $upstream {
+    ""        ssh.example.com:22;
+    "TLSv1.2" new.example.com:443;
+    default   tls.example.com:443;
+}
+
+# ssh and https on the same port
+server {
+    listen      192.168.0.1:443;
+    proxy_pass  $upstream;
+    ssl_preread on;
+}
+```
+
 Happy Hacking!
 ==============