Make your website faster

I noticed when visiting https://f-droid.org that it was really slow and every connection took multiple seconds just to establish. I could even see “Doing TLS handshake…” in the status bar of my browser, which should not be visible as it should be too fast to notice.

So I did a scan with SSLLabs, where I also saw that one server could not be scanned at all. (“Unable to connect to the server” – 5.196.66.24 quash.acge.com)

See SSL Server Test: f-droid.org (Powered by Qualys SSL Labs)

So first thing, you include the root certificate in the cert chain you send through the wire. This is completely unnecessary as it is built into browsers.

Enabling OCSP stapling would be another thing, where you can gain speed (at least for Firefox, which still checks OCSP when not-stapled).

The final and probably best thing you should do is to enable/use HTTP/2, which comes with an enormous speed gain.

BTW the cipher TLS_RSA_WITH_3DES_EDE_CBC_SHA can be removed as nobody supports it and 3DES is, as it says, “weak”. Even Android 2.3.7 supports a more recent cipher, so you should not have compatibility problems.

1 Like

Thanks for the suggestions. We have a ticket for this in our admin issue tracker, and I’ve copied your comments there.

2 Likes