Friday, November 20, 2015

Cache and SSL in Chrome on Ubuntu Linux

I had a hard time testing if cache headers I've added to static files are working. Firefox was working as supposed, while Chrome wasn't.

Here is the Nginx configuration I was testing:

    # static files
    location ~ ^/(***)?$ {
        root ***;
        try_files $uri /;
        add_header Cache-Control "max-age=3600";
        gzip on;
        #etag on;
        access_log off;

I was trying different combinations to find out why sometimes the files where taken from cache (looking to developer's console in Chrome) and why other times Chrome was always making requests with response 200.

My tests showed that my Chrome was using cache if both Cache-Control and ETag headers where present. The problem is that if `etag on` directive is enabled together with `gzip on`, etags are not generated:

When I disable gzip and enable etag, cache works ok.

But my colleagues say that in their browsers, including Chrome on OSX cache works as expected.

It turned out that the server I was testing on had a self signed certificate, and Chrome has issues with caching in such cases:

I tried to export the certificate and import it back as a trusted certificate, but it didn't work. They say:

Google Chrome in Linux doesn’t have a SSL certificate manager, it relies on the NSS Shared DB.

Now cache works as expected in my Chrome on Ubuntu Linux.

No comments:

Post a Comment