Multiple SSL enabled hosts causes nginx to reload slowly
mdounin at mdounin.ru
Wed Jul 27 07:26:30 UTC 2011
On Tue, Jul 26, 2011 at 10:48:49PM -0400, runesoerensen wrote:
> Hi Maxim,
> Thanks for looking into this - I may apply the fix you propose sometime
> in the future.
> The solution I ended up with was kind of weird. I simply put the
> ssl_certificate related directives inside a "faux" server directive,
> that's also the first server directive containing ssl directives. As
> nginx picks the first one it finds, the correct certificate is still
> being inherited by other server directives. This caused the startup time
> to be drastically reduced.
Just FYI: Igor recently committed a change to generate temporary
512-bit RSA keys on the fly and only when needed. This should
resolve problems with slow startup in all cases.
More information about the nginx