Reduce nginx ssl_session_cache to 3m each

main
Florent Daigniere 2 years ago
parent c729954b4a
commit 8539344331

@ -100,7 +100,7 @@ http {
include /etc/nginx/tls.conf;
ssl_stapling on;
ssl_stapling_verify on;
ssl_session_cache shared:SSLHTTP:50m;
ssl_session_cache shared:SSLHTTP:3m;
add_header Strict-Transport-Security 'max-age=31536000';
{% if not TLS_FLAVOR in [ 'mail', 'mail-letsencrypt' ] %}
@ -284,7 +284,7 @@ mail {
{% if TLS and not TLS_ERROR %}
include /etc/nginx/tls.conf;
ssl_session_cache shared:SSLMAIL:50m;
ssl_session_cache shared:SSLMAIL:3m;
{% endif %}
# Advertise real capabilities of backends (postfix/dovecot)

@ -0,0 +1 @@
Reduce the SSL session caches from 50m each to 3m each. This should be good for 12k sessions (within 1day) for each cache and will help reduce memory usage.
Loading…
Cancel
Save