From 398036440b387d8bb5cbcba64ed9f12ba1a5b7cd Mon Sep 17 00:00:00 2001 From: AD7six Date: Mon, 28 Jul 2014 14:29:04 +0000 Subject: [PATCH] add increased ssl timeout --- h5bp/directive-only/ssl.conf | 3 +++ 1 file changed, 3 insertions(+) diff --git a/h5bp/directive-only/ssl.conf b/h5bp/directive-only/ssl.conf index aa8e29c..fac81fc 100644 --- a/h5bp/directive-only/ssl.conf +++ b/h5bp/directive-only/ssl.conf @@ -22,6 +22,9 @@ ssl_session_timeout 10m; # of such infrastructure, consider turning off session tickets: ssl_session_tickets off; +# Use a higher keepalive timeout to reduce the need for repeated handshakes +keepalive_timeout 300; # up from 75 secs default + # This default SSL certificate will be served whenever the client lacks support for SNI (Server Name Indication). # Make it a symlink to the most important certificate you have, so that users of IE 8 and below on WinXP can see your main site without SSL errors. #ssl_certificate /etc/nginx/default_ssl.crt;