非常慢的Nginx下载ssl

我有这个vhost </ p>

  server {
server_name admin。 ex.com;
listen 80;
listen [::]:80;
## SSL
#listen 443 ssl;
listen *:443 ssl http2;
listen [::]:443 ssl http2;

ssl_protocols TLSv1 TLSv1.1 TLSv1.2;

#ssl_ciphers“EECDH + AESGCM:EDH + AESGCM:AES256 + EECDH:AES256 + EDH:ECDHE-RSA-AES128-GCM-SHA384:ECDHE-RSA-AES128-GCM -SHA256:ECDHE-RSA-AES128-GCM-SHA128:DHE-RSA-AES128-GCM-SHA384 $
ssl_ciphers EECDH + CHACHA20:EECDH + CHACHA20-draft:EECDH + AES128:RSA + AES128:EECDH + AES256:RSA + AES256 :EECDH + 3DES:RSA + 3DES:!MD5;
ssl_prefer_server_ciphers on;
ssl_dhparam /etc/nginx/ssl/dhparam.pem;
ssl_session_timeout 10m;
ssl_session_cache shared:SSL:10m;
ssl_certificate / etc / nginx / ssl / admin.crt;
ssl_certificate_key /etc/nginx/ssl/admin.key;
nnroot / var / www / admin / public /;
index index.php index.html index.htm;
access_log / var / www / admin / admin.log;
auth_basic“绝密”;
auth_basic_user_file / var / www /admin/.htpasswd;
nnnn location / {
try_files $ uri $ uri / = 404;
allow 192.168.1.1;
#deny all;

location~ \ .php $ {
fastcgi_pass unix :/var/run/php/php7.0-fpm.admin.sock;
fastcgi_intercept_errors on;
fastcgi_split_path_info ^(。+ \ .php)(/。+)$;
fastcgi_index index.php;
include fastcgi_params; \ nfastcgi_param SCRIPT_FILENAME $ document_root / $ fastcgi_script_name;
}

}

}
</ code> </ pre>

通过HTTPS进行SO SLOW,我试图访问 phpmyadmin和我自己的php代码通过http它在2秒内加载HTTPS需要2-3分钟,它自动加载HTML代码,但下载资源(CSS图像)需要花费很多时间,我是 使用带有Nginx 1.9的chrome和自签名证书。

i甚至尝试过curl -i HTTP和HTTPS,两者之间的延迟再次如此之多,我不明白发生了什么! </ p>

UPDATE ::
okay经过一些研究我发现如果我拍摄完全相同VPS的图像并将其应用于更接近我的服务器(法兰克福而不是 NY)它变得更快了。 那是一个距离问题吗?

让我再想一想的是,为什么当我使用HTTP时,它无论服务器是什么都如此之快。 </ p>

有什么想法吗? </ p>
</ div>

展开原文

原文

i have this vhost

    server {
server_name admin.ex.com ;
listen 80 ;
listen [::]:80 ;
##SSL
#listen 443 ssl ;
  listen               *:443 ssl http2 ;
  listen               [::]:443 ssl http2 ;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;

#ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH:ECDHE-RSA-AES128-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA128:DHE-RSA-AES128-GCM-SHA384$
ssl_ciphers   EECDH+CHACHA20:EECDH+CHACHA20-draft:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;
ssl_prefer_server_ciphers on;
ssl_dhparam /etc/nginx/ssl/dhparam.pem;
ssl_session_timeout 10m;
ssl_session_cache   shared:SSL:10m;
ssl_certificate /etc/nginx/ssl/admin.crt;
ssl_certificate_key /etc/nginx/ssl/admin.key;

root /var/www/admin/public/;
index index.php index.html index.htm;
access_log /var/www/admin/admin.log;
auth_basic "Top Secret";
auth_basic_user_file /var/www/admin/.htpasswd;


        location / {
try_files $uri $uri/ =404;
allow 192.168.1.1;
#deny all;

location ~ \.php$ {
fastcgi_pass unix:/var/run/php/php7.0-fpm.admin.sock;
fastcgi_intercept_errors on;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root/$fastcgi_script_name;
}

}


}

its SO SLOW over HTTPS , i tried to visit phpmyadmin and my own php code over http it loads in 2 secs with HTTPS it takes 2-3 minutes , it loads the HTML code it self fast , but to download the resources (CSS-images) it takes so much time , i'm using chrome with the Nginx 1.9 and a self signed certificate . i even tried curl -i both the HTTP and HTTPS , again so much latency between the two , i don't understand what's going on !

UPDATE :: okay after some researching i figured out that if i take an image of exactly the same VPS and applied it to one which is in a server closer to me (Frankfurt instead of NY ) that it gets way faster . is it a distance problem then ? What makes me think again is that why when i use HTTP it's so fast no matter what server it is in .

Any ideas ?

dscbxou1900343
dscbxou1900343 检查SSLLabs.com上的配置。并且默认的OpenSSL不支持CHACHA20密码,所以你有一个特殊的构建版本,或者那些没有被使用的密码(同样SSLLabs.com报告会显示这个)。
4 年多之前 回复

1个回答



原来是一个与位置相关的问题。 我将服务器的位置从纽约改为阿姆斯特丹,这似乎解决了这个问题。</ p>

据我所知,服务器可能很远,从而降低了连接速度,但我不明白 为什么它只降低HTTPS下的速度而不是HTTP请求。 有点奇怪!</ p>
</ div>

展开原文

原文

It turned out to be a location-related problem. I changed the location of the server from New York to Amsterdam which seems to solve the problem.

I understand that a server can be far and thus reduce the connection speed but I don't understand why it reduces the speed under HTTPS only and not HTTP requests. Kind of weird!

Csdn user default icon
上传中...
上传图片
插入图片
抄袭、复制答案,以达到刷声望分或其他目的的行为,在CSDN问答是严格禁止的,一经发现立刻封号。是时候展现真正的技术了!
立即提问