keepalive_timeout timeout causes high TTFB
khav
nginx-forum at nginx.us
Fri Jul 24 13:40:40 UTC 2015
I am trying to further optimize SSL but if i enable keepalive_timeout i get
high TTFB as shown in the report below
http://tools.pingdom.com/fpt/#!/KggzF
When i disable keepalive_timeout , TTFB is fixed but nginx recommand
keepalive_timeout :
http://nginx.org/en/docs/http/configuring_https_servers.html
Why does this happen ?
I welcome any other advice to further optimise SSL
Thanks
listen 443 spdy default_server reuseport;
ssl on;
ssl_certificate /etc/ssl/filterbypass.me.crt; #(or .pem)
ssl_certificate_key /etc/ssl/filterbypass.me.key.nopass;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
#keepalive_timeout 70;
#ssl_ciphers
ECDHE-RSA-AES256-SHA384:AES256-SHA256:RC4:HIGH:!MD5:!aNULL:!eNULL:!NULL:!DH:!EDH:!AESGCM;
ssl_ciphers
ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS;
ssl_prefer_server_ciphers on;
ssl_buffer_size 8k;
ssl_session_cache shared:SSL:20m;
ssl_dhparam /etc/ssl/dhparam.pem;
ssl_session_timeout 45m;
ssl_stapling on;
ssl_stapling_verify on;
ssl_trusted_certificate /etc/ssl/trustchain.crt;
resolver 8.8.8.8 8.8.4.4 valid=300s;
resolver_timeout 5s;
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains";
Posted at Nginx Forum: http://forum.nginx.org/read.php?2,260541,260541#msg-260541
More information about the nginx
mailing list