> Note that SSL is likely the most important contributor to CPU
> utilization in this setup. It might be a good idea to carefully
> tune ciphers used.
I believe I have set this fairly appropriately. If you know of a resource
that would explain this in more detail I would appreciate it.
> To r
Thank you for the response Maxim.
Unfortunately, while it reinforces what my understanding is from the
documentation, it doesn't allow me to reconcile what I am seeing or help me
understand how to tune properly.
Let me explain what I am seeing now based upon your explanation.
(N.B.: In my initia
I had/have an issue where I am proxying from NGINX to a backend WebDAV
server.
My upload speeds were slow and had long pauses in them including very long
pauses at the end (5 minutes or more on uploads around 1GB).
Via packet captures I found that the NGINX server was not transmitting data
synchro
Yes, it is solved with the proper cert configuration.
I hadn't fully validated some advanced SSL options like OCSP stapling as I
was first trying to get all the basics working.
Since my browsers all validated the certificate chain without issue, I had
assumed they were installed properly.
I've had
Figured it out!
https://www.reddit.com/r/nginx/comments/eodrjc/nginx_stripping_websocket_upgrade_headers/
fireye quote:
Got it figured out, this is a quirk of HTTP/2.0 vs 1.1. Per RFC-2616:
The Upgrade header field is intended to provide a simple mechanis
I have the following in my site.conf file:
#Websockets
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
---