New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
SSL application configuration #1335
Comments
Yes it could go in our |
Yes, that is where it should end up. Should we add a warning message for when these settings are not changed? |
The defaults NGINX uses look sensible to me. About 20000 entries and 5 minute session expiration time. It mentions that 4000 sessions take up 1 Mb of memory. |
Agreed on the NGINX defaults. @mmzeeman Please open a PR with these lines added to |
When you have a busy site with lots of ssl connections the default configuration options of the ssl session manager don't really work. It may keeps ssl sessions for 24 hours, but has just room for 1000 sessions in the table. When the table is full, all sessions in the table are invalidated. When you have a busy site you see this happen often and the ssl_manager's mailbox is filled with hundreds of messages.
Something needs to be written about this somewhere, and the erlang.config.in needs good ssl session defaults which works for web-servers. Maybe something like this?
The text was updated successfully, but these errors were encountered: