nginx.conf: Massively speed up SSL connections by caching the sessions for 10 minutes rather than constantly re-negotiating
This commit is contained in:
parent
020851039b
commit
43b1015b23
nginx
|
@ -96,5 +96,12 @@ http {
|
|||
ssl_ciphers RC4:HIGH:!aNULL:!MD5;
|
||||
ssl_prefer_server_ciphers on;
|
||||
|
||||
# Optimize SSL by caching session parameters for 10 minutes. This cuts down on the number of expensive SSL handshakes.
|
||||
# The handshake is the most CPU-intensive operation, and by default it is re-negotiated on every new/parallel connection.
|
||||
# By enabling a cache (of type "shared between all Nginx workers"), we tell the client to re-use the already negotiated state.
|
||||
# Further optimization can be achieved by raising keepalive_timeout, but that shouldn't be done unless you serve primarily HTTPS.
|
||||
ssl_session_cache shared:SSL:10m; # a 1mb cache can hold about 4000 sessions, so we can hold 40000 sessions
|
||||
ssl_session_timeout 10m;
|
||||
|
||||
include sites-enabled/*;
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue