我在我的 nginx 服务器上使用以下 SSL 配置:
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 30m;
ssl_certificate /path/to/fullchain.pem;
ssl_certificate_key /path/to/privkey.pem;
ssl_dhparam /path/to/dhparam.pem;
ssl_ciphers "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH+aRSA+RC4 EECDH EDH+aRSA RC4 !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS !RC4";
ssl_protocols TLSv1.2 TLSv1.3;
ssl_stapling on;
ssl_stapling_verify on;
ssl_trusted_certificate /path/to/chain.pem;
resolver 8.8.8.8 8.8.4.4 valid=300s;
resolver_timeout 5s;
ssl_session_tickets off;
ssl_prefer_server_ciphers on;
ssl_buffer_size 4k;
问题是 SSL 连接时间在我看来相当长(400 毫秒),至少根据bytecheck.com。我听说过于安全和缓慢的密码会导致这种情况,但我不确定我的情况是否如此。
网站网址为:proseosite.ru