roles/nginx: Set nginx SSL session timeout to 24 hours

Default is 5 minutes, but it seems like unless you're a high-traff- ic site, there's no need to expire sessions so quickly. Also, the istlsfastyet.com configs are using 24 hours, so surely we can. Signed-off-by: Alan Orth <alan.orth@gmail.com>
2014-12-06 22:19:12 +03:00 · 2014-12-06 22:19:12 +03:00 · 23d76a535f
parent d8cd31049b
commit 23d76a535f
1 changed files with 1 additions and 1 deletions
--- a/roles/nginx/templates/https.j2
+++ b/roles/nginx/templates/https.j2
@ -5,7 +5,7 @@
    ssl_certificate {{ tls_key_dir }}/{{ domain_name }}.crt.pem;
    ssl_certificate_key {{ tls_key_dir }}/{{ domain_name }}.crt.pem;

-    ssl_session_timeout 5m;
+    ssl_session_timeout 24h;            # 24 hour timeout
    ssl_session_cache shared:SSL:1m;    # 1MB -> 4,000 sessions
    ssl_buffer_size 1400;               # 1400 bytes to fit in one MTU