On Sat, May 05, 2012 at 06:23:24PM +0530, Sparsh Gupta wrote:
> Hello
>
> I am using nginx 2.0 built with OpenSSL 0.9.8 and I have the following
> configuration for my ssl:
>
> listen 443 ssl;
> ssl_certificate /etc/ssl/private/wildcardcert.crt;
> ssl_certificate_key /etc/ssl/private/wildcardcert.key;
> ssl_session_cache shared:SSL:20m;
> ssl_session_timeout 5m;
> ssl_prefer_server_ciphers on;
>
>
> Since I dont have ssl_ciphers I assume its picking up the default settings '
> HIGH:!ADH:!MD5;'
>
> I found quite a few articles to make the SSL connection strong and more
> secure but I am looking for a solution which is fastest in terms of
> negotiating an SSL connection. Can you recommend me some ssl_cipher / other
> settings I should try to boost speed. I dont transfer any secure data so I
> am not concerned about security.
>
> Thanks
> Sparsh Gupta
Here is what we use for a use case with similar requirements:
ssl_ciphers RC4:AES128+SHA:!kEDH:!ADH:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;
RC4 is the fastest without hardware assist. If you have hardware support in
your processor for AES, put the AES128 first, instead of RC4.
Regards,
Ken
_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx