I’m running nginx with SSL on Ubuntu 10.04LTS. Chrome gives me this annoying warning when I inspect the certificate:
The connection is not compressed.
In the response it looks like it is being sent gzipped though:
Cache-Control:no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection:keep-alive Content-Encoding:gzip Content-Type:text/html; charset=utf-8 Date:Sun, 12 Feb 2012 09:00:38 GMT Expires:Thu, 19 Nov 1981 08:52:00 GMT Pragma:no-cache Server:nginx/1.0.5 Transfer-Encoding:chunked Vary:Accept-Encoding X-Powered-By:PHP/5.3.6-13ubuntu3.3`
Since this question was asked, a serious security vulnerability (the BEAST attack) was discovered making it possible to compromise an SSL/TLS session if the SSL/TLS session is compressed. To mitigate this, both servers and browsers are beginning to disable compression; you will need to use HTTP compression instead, and that only sparingly if at all, to mitigate yet another vulnerability (the CRIME attack).
This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.