I noticed when visiting https://f-droid.org that it was really slow and every connection took multiple seconds just to establish. I could even see “Doing TLS handshake…” in the status bar of my browser, which should not be visible as it should be too fast to notice.
So I did a scan with SSLLabs, where I also saw that one server could not be scanned at all. (“Unable to connect to the server” – 188.8.131.52 quash.acge.com)
So first thing, you include the root certificate in the cert chain you send over the wire. This is completely unnecessary as it is built into browsers.
Enabling OCSP stapling would be another thing, where you can gain speed (at least for Firefox, which still checks OCSP when not stapled).
The final and probably best thing you should do is to enable/use HTTP/2, which comes with an enormous speed gain.
BTW the cipher TLS_RSA_WITH_3DES_EDE_CBC_SHA can be removed as nobody supports it and 3DES is, as it says, “weak”. Even Android 2.3.7 supports a more recent cipher, so you should not have compatibility problems.
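
One way to check a served chain file for the unnecessary root certificate mentioned above, as an added example that is not part of the original post: it walks each certificate's DER far enough to compare issuer and subject, and reports the positions where they are equal. The function names and the skeletal sample chain are assumptions constructed for illustration.

```python
import base64
import re
PEM_RE = re.compile(r"-----BEGIN CERTIFICATE-----(.*?)-----END CERTIFICATE-----", re.S)

def read_tlv(buf, pos):
    """Parse one DER element at pos; return (tag, value_start, end)."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:  # long form: low 7 bits give the number of length bytes
        n = length & 0x7F
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    return tag, pos, pos + length

def issuer_subject(der):
    """Return the raw DER issuer and subject Names of one X.509 certificate."""
    _, pos, _ = read_tlv(der, 0)        # enter Certificate SEQUENCE
    _, pos, _ = read_tlv(der, pos)      # enter TBSCertificate SEQUENCE
    tag, _, end = read_tlv(der, pos)    # [0] version, or serialNumber if no version
    if tag == 0xA0:
        _, _, end = read_tlv(der, end)  # serialNumber follows the version
    _, _, start = read_tlv(der, end)    # skip signature AlgorithmIdentifier
    _, _, end = read_tlv(der, start)    # issuer Name is der[start:end]
    issuer = der[start:end]
    _, _, start = read_tlv(der, end)    # skip validity
    _, _, end = read_tlv(der, start)    # subject Name is der[start:end]
    return issuer, der[start:end]

def self_issued_positions(pem_bundle):
    """Indexes of chain entries whose issuer equals their subject (root-like)."""
    names = [issuer_subject(base64.b64decode(b)) for b in PEM_RE.findall(pem_bundle)]
    return [i for i, (issuer, subject) in enumerate(names) if issuer == subject]

# Constructed sample: skeletal certificates (no real keys or signatures) with
# just enough DER for the parser; short-form lengths only, so names stay short.
def enc(tag, *parts):
    body = b"".join(parts)
    return bytes([tag, len(body)]) + body
def cn_name(cn):
    attr = enc(0x30, b"\x06\x03\x55\x04\x03", enc(0x0C, cn.encode()))  # CN=cn
    return enc(0x30, enc(0x31, attr))
def sample_pem(issuer_cn, subject_cn):
    tbs = enc(0x30, b"\xa0\x03\x02\x01\x02\x02\x01\x01", enc(0x30),
              cn_name(issuer_cn), enc(0x30), cn_name(subject_cn))
    b64 = base64.b64encode(enc(0x30, tbs, enc(0x30), b"\x03\x01\x00")).decode()
    return f"-----BEGIN CERTIFICATE-----\n{b64}\n-----END CERTIFICATE-----\n"
SAMPLE_CHAIN = (sample_pem("Constructed CA", "leaf.example")
                + sample_pem("Constructed Root", "Constructed CA")
                + sample_pem("Constructed Root", "Constructed Root"))
```

Passing the text of a real PEM chain file to `self_issued_positions` works the same way; any index it returns is a self-issued certificate that can be dropped from what the server sends.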