Welcome! Log In Create A New Profile

Advanced

keepalive_timeout timeout causes high TTFB

Previous Message Next Message
Forum List Message List New Topic Print View
khav
July 24, 2015 09:40AM
I am trying to further optimize SSL but if i enable keepalive_timeout i get high TTFB as shown in the report below

http://tools.pingdom.com/fpt/#!/KggzF

When i disable keepalive_timeout , TTFB is fixed but nginx recommand keepalive_timeout : http://nginx.org/en/docs/http/configuring_https_servers.html

Why does this happen ?

I welcome any other advice to further optimise SSL

Thanks

listen 443 spdy default_server reuseport;
ssl on;
ssl_certificate /etc/ssl/filterbypass.me.crt; #(or .pem)
ssl_certificate_key /etc/ssl/filterbypass.me.key.nopass;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
#keepalive_timeout 70;
#ssl_ciphers ECDHE-RSA-AES256-SHA384:AES256-SHA256:RC4:HIGH:!MD5:!aNULL:!eNULL:!NULL:!DH:!EDH:!AESGCM;
ssl_ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS;
ssl_prefer_server_ciphers on;
ssl_buffer_size 8k;
ssl_session_cache shared:SSL:20m;
ssl_dhparam /etc/ssl/dhparam.pem;
ssl_session_timeout 45m;
ssl_stapling on;
ssl_stapling_verify on;
ssl_trusted_certificate /etc/ssl/trustchain.crt;
resolver 8.8.8.8 8.8.4.4 valid=300s;
resolver_timeout 5s;
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains";
Reply Quote
RSS
Subject Author Posted

keepalive_timeout timeout causes high TTFB

khav July 24, 2015 09:40AM

Re: keepalive_timeout timeout causes high TTFB

Valentin V. Bartenev July 24, 2015 10:32AM



Sorry, only registered users may post in this forum.

Click here to login

Online Users

itpp2012
Guests: 256
Record Number of Users: 8 on April 13, 2023
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready