Slow downloads over SSL

rafaelr nginx-forum at nginx.us
Sun Feb 1 19:04:21 UTC 2015 

Hi,

I'm trying to find answers to a problem that I'm currently experiencing in
all my servers. Downloads offered over HTTPS are at least 4 times slower
than those delivered over HTTP. All these servers are running nginx/1.6.2.
Here is my nginx.conf in case someone have experienced something similar and
could give me a hint. By the way, when I say 4 x slower I'm being
optimistic... I can download 4-5MB/s over HTTP while https download are
600-700kb/s the fastest I've seen.

user www-data;
worker_processes 2;
pid /run/nginx.pid;
worker_rlimit_nofile 4096;

events {
	worker_connections 1024;
	multi_accept on;
	use epoll;
}

http {
	
	# SSL Configuration
	###################
	ssl_buffer_size 8k;
	ssl_session_cache    shared:SSL_CACHE:20m;
        ssl_session_timeout  4h;
	ssl_session_tickets on;
	ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
	ssl_ciphers ALL:!ADH:!EXP:!LOW:!RC2:!3DES:!SEED:!RC4:+HIGH:+MEDIUM;
	ssl_prefer_server_ciphers on;


	# Custom Settings
	#################
	
	open_file_cache max=10000 inactive=20s;
	open_file_cache_valid 30s;
	open_file_cache_min_uses 2;
	open_file_cache_errors on;
	charset UTF-8;	

	client_body_buffer_size	128K;
	client_header_buffer_size 1k;
	client_max_body_size 25m;
	large_client_header_buffers 4 8k;
	
	fastcgi_buffers 16 16k;
	fastcgi_buffer_size 32k;
	fastcgi_read_timeout 120s;

	client_body_timeout	    20;
	client_header_timeout	20;
	keepalive_timeout    	25;
	send_timeout         	20;
	reset_timedout_connection on;


	# Basic Settings
	################

	sendfile on;
	tcp_nopush on;
	tcp_nodelay on;	
	types_hash_max_size 2048;
	server_tokens off;

	server_names_hash_bucket_size 64;
	server_name_in_redirect off;

	include /etc/nginx/mime.types;
	default_type application/octet-stream;

	
	# Logging Settings
	##################

	access_log off;
	error_log /var/log/nginx/error.log;

	
	# Gzip Settings
	###############

	gzip on;
	#gzip_disable "msie6";
	gzip_disable "MSIE [1-6]\.(?!.*SV1)";
	gzip_vary on;
	gzip_proxied any;
	gzip_comp_level 5;
	gzip_buffers 16 8k;
	gzip_http_version 1.1;
	gzip_types text/plain text/css application/json application/x-javascript
text/xml application/xml application/xml+rss text/javascript
application/javascript;
	
	
	# Virtual Host Configs
	######################

	include /etc/nginx/conf.d/*.conf;
	include /etc/nginx/sites-enabled/*;
}

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,256386,256386#msg-256386

More information about the nginx mailing list