Re: number of keepalive connections to an upstream

2024-03-20 Thread Igor Ippolitov
Sébastien, Keepalive in an upstream defines a pool of connections attached to that upstream. The main purpose of the pool is to reduce the amount of new TCP connections: the fewer new connections you open the less load you have. Any specific recommendation will fail in some case. So the real

Re: Unable to activate TLS1.3

2024-03-20 Thread Taco de Wolff
I figured it out. One of the servers that is listening on 443 uses "ssl_reject_handshake on;" and thus I didn't define an ssl_certificate + ssl_certificate_key + ssl_trusted_certificate as it is not (and should not be) required. For some reason, this disabled TLS1.3 for all servers quite unexpected