diff --git a/roles/nginx/server/templates/nginx.conf.j2 b/roles/nginx/server/templates/nginx.conf.j2
index 081cb3b..c39daad 100644
--- a/roles/nginx/server/templates/nginx.conf.j2
+++ b/roles/nginx/server/templates/nginx.conf.j2
@@ -18,10 +18,12 @@ http {
     access_log {{ nginx_logdir }}/access.log main;
 
     ssl on;
-    ssl_session_cache builtin:1000 shared:SSL:10m;
+    ssl_session_timeout 1d;
+    ssl_session_cache shared:MozSSL:10m;
+    ssl_session_tickets off;
     ssl_protocols {{ tls_protocols }};
     ssl_ciphers {{ tls_ciphers }};
-    ssl_prefer_server_ciphers on;
+    ssl_prefer_server_ciphers off;
 
     server {
         listen 443 ssl http2;