Re: Multiple SSL enabled hosts causes nginx to reload slowly - Maxim Dounin - ru.sysoev.nginx

4 messages in ru.sysoev.nginxRe: Multiple SSL enabled hosts causes...

From	Sent On	Attachments
runesoerensen	May 18, 2011 5:39 pm
Maxim Dounin	May 19, 2011 3:42 am
runesoerensen	Jul 26, 2011 7:48 pm
Maxim Dounin	Jul 27, 2011 12:25 am

Subject:	Re: Multiple SSL enabled hosts causes nginx to reload slowly
From:	Maxim Dounin (mdou...@mdounin.ru)
Date:	Jul 27, 2011 12:25:49 am
List:	ru.sysoev.nginx

Hello!

On Tue, Jul 26, 2011 at 10:48:49PM -0400, runesoerensen wrote:

Hi Maxim,

Thanks for looking into this - I may apply the fix you propose sometime in the future.

The solution I ended up with was kind of weird. I simply put the ssl_certificate related directives inside a "faux" server directive, that's also the first server directive containing ssl directives. As nginx picks the first one it finds, the correct certificate is still being inherited by other server directives. This caused the startup time to be drastically reduced.

Just FYI: Igor recently committed a change to generate temporary 512-bit RSA keys on the fly and only when needed. This should resolve problems with slow startup in all cases.

	Start a set with this search
	Include this search in one of my sets
	Exclude this search from one of my sets