• Tengine SSL/TLS asynchronous mode


Provide information about how to enable SSL/TLS asynchronous in Tengine.

  • SSL/TLS asynchronous mode is provided by OpenSSL 1.1.0+ version.


Build Tengine with configuration item '--with-http_ssl_module' and '--with-openssl-async'.


Syntax: ssl_async on | off;

Default: ssl_async off;

Context: http, server

Enables SSL/TLS asynchronous mode for the given virtual server.


file: conf/nginx.conf

http {
ssl_async on;
server {


http {
server {
ssl_async on;


To demostrate the asynchronous mode of SSL/TLS, it needs an asynchronous enabled
engine support. As a reference implementation, OpenSSL 1.1.0+ version provides
an 'dasync' engine which support the asynchronous working flow.
'dasync' engine will be built as a shared library '' in engines/
Please use below reference openssl.cnf file to enable it for RSA offloading.

openssl_conf = openssl_def
engines = engine_section
dasync = dasync_section
engine_id = dasync
dynamic_path = /path/to/openssl/source/engines/
default_algorithms = RSA

For more details information, please refer to

Offload SSL

Tengine used ssl_async QAT offload SSL computationally intensive, could make double's ability to handle the HTTPS, more detailed reference Tengine offload SSL document.