Hi tech@,
One more quick change to the TLS acceleration example in
/etc/examples/relayd.conf. The man page recommends match header set
"Keep-Alive" value "$TIMEOUT" while the example in
/etc/examples/relayd.conf uses match request header set "Connection"
value "close"
This tripped me up once when I forgot to make this change and couldn't
understand why I was running into difficulty with the connection
closing prematurely. Diff below
Thanks,
Matt
Index: relayd.conf
===================================================================
RCS file: /cvs/src/etc/examples/relayd.conf,v
retrieving revision 1.3
diff -u -p -r1.3 relayd.conf
--- relayd.conf 12 Dec 2014 10:05:09 -0000 1.3
+++ relayd.conf 24 Mar 2018 14:02:21 -0000
@@ -40,13 +40,15 @@ http protocol https {
match request header append "X-Forwarded-For" value "$REMOTE_ADDR"
match request header append "X-Forwarded-By" \
value "$SERVER_ADDR:$SERVER_PORT"
- match request header set "Connection" value "close"
+ match header set "Keep-Alive" value "$TIMEOUT"
+
+ match query hash "sessid"
# Various TCP performance options
tcp { nodelay, sack, socket buffer 65536, backlog 128 }
# tls { no tlsv1.0, ciphers HIGH }
-# tls session cache disable
+# tls no session tickets
}
relay wwwtls {
