0
0
NginxHow-ToBeginner · 3 min read

How to Configure SSL Session Cache in Nginx for Faster HTTPS

To configure SSL session cache in Nginx, use the ssl_session_cache directive to define the cache type and size, and ssl_session_timeout to set how long sessions stay valid. This setup helps speed up HTTPS connections by reusing SSL sessions instead of creating new ones each time.
📐

Syntax

The ssl_session_cache directive sets the cache type and size for SSL sessions. Common types are shared (shared memory cache) and builtin (default internal cache). The ssl_session_timeout directive defines how long a cached session remains valid.

  • ssl_session_cache: Format is ssl_session_cache zone=name:size; where name is the cache zone name and size is memory size (e.g., 10m).
  • ssl_session_timeout: Time duration like 10m for 10 minutes.
nginx
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
💻

Example

This example shows how to enable SSL session caching in the server block of your Nginx configuration. It uses a shared memory cache named SSL with 10 megabytes of storage and sets session timeout to 10 minutes.

nginx
server {
    listen 443 ssl;
    server_name example.com;

    ssl_certificate /etc/nginx/ssl/example.com.crt;
    ssl_certificate_key /etc/nginx/ssl/example.com.key;

    ssl_session_cache shared:SSL:10m;
    ssl_session_timeout 10m;

    location / {
        root /var/www/html;
        index index.html;
    }
}
Output
Nginx starts successfully and caches SSL sessions for 10 minutes, improving HTTPS connection speed for returning clients.
⚠️

Common Pitfalls

Common mistakes when configuring SSL session cache include:

  • Not using a shared cache type, which disables session reuse across worker processes.
  • Setting the cache size too small, causing frequent cache evictions and reduced performance.
  • Forgetting to set ssl_session_timeout, which defaults to 5 minutes and might be too short for some use cases.
  • Placing the directives outside the http or server context, causing configuration errors.
nginx
Wrong:
ssl_session_cache builtin:10m;

Right:
ssl_session_cache shared:SSL:10m;
📊

Quick Reference

DirectivePurposeExample
ssl_session_cacheDefines SSL session cache type and sizessl_session_cache shared:SSL:10m;
ssl_session_timeoutSets how long SSL sessions stay validssl_session_timeout 10m;
ssl_session_ticketsEnables or disables session tickets (optional)ssl_session_tickets off;

Key Takeaways

Use ssl_session_cache with shared memory to enable session reuse across workers.
Set ssl_session_timeout to control how long sessions remain valid for faster reconnects.
Choose an appropriate cache size to avoid frequent evictions and maintain performance.
Place SSL session cache directives inside the http or server block in nginx.conf.
Disabling ssl_session_tickets can improve security but is optional.

Related by keyword

How to Configure Caching in Nginx for Faster Web PerformanceCachingHow to Use fastcgi_cache in Nginx for Faster Web PerformanceCachingHow to Use proxy_cache_valid in Nginx for Cache ControlCachingHow to Cache Static Files in Nginx for Faster LoadingStatic FilesHow to Configure gzip Compression in nginx for Faster Web PerformanceStatic Files

Up next

Round Robin vs Least Connections in NGINX: Key Differences and UsageWhat is Upstream in Nginx: Explanation and ExampleHow to Bypass Cache in Nginx: Simple Configuration GuideHow to Purge Cache in Nginx: Clear Cached Content Easily

More in SSL TLS

How to Auto Renew SSL Certificate in Nginx EasilyHow to Configure HSTS in Nginx for Secure HTTPSHow to Configure SSL Ciphers in Nginx for Secure ConnectionsHow to Configure SSL in Nginx: Simple Steps