Hello,
I am optimizing our install of nginx for SSL performance, since our SaaS app is served exclusively over https. I have the following SSL performance directives:
ssl_session_cache shared:SSL_CACHE:4m;
ssl_session_timeout 5m;
My question is, what is the downfall, if any, of setting the timeout to like 720m which is 12 hours. Seems like caching longer would be better. Or, is there a security risk of caching for such a long time?
Thanks.
I am optimizing our install of nginx for SSL performance, since our SaaS app is served exclusively over https. I have the following SSL performance directives:
ssl_session_cache shared:SSL_CACHE:4m;
ssl_session_timeout 5m;
My question is, what is the downfall, if any, of setting the timeout to like 720m which is 12 hours. Seems like caching longer would be better. Or, is there a security risk of caching for such a long time?
Thanks.