On Tue, Jul 26, 2011 at 10:48:49PM -0400, runesoerensen wrote:
Thanks for looking into this - I may apply the fix you propose sometime
in the future.
The solution I ended up with was kind of weird. I simply put the
ssl_certificate related directives inside a "faux" server directive,
that's also the first server directive containing ssl directives. As
nginx picks the first one it finds, the correct certificate is still
being inherited by other server directives. This caused the startup time
to be drastically reduced.
Just FYI: Igor recently committed a change to generate temporary
512-bit RSA keys on the fly and only when needed. This should
resolve problems with slow startup in all cases.