Login/Register
HTTP2 is available but server refuses to use it why it may be?
Asked Answered
Solved apachecurlhttp2
D

1

9

I have successfully set up http2 for my virtual host but when I try to access the url via curl it looks like server refuses connection over http2 and accepts http1. Can anyone explain why it may be? and how can I tell my server to use http2 in the first place.

Below is the curl output of the site I am trying to configure http2 for.

* Rebuilt URL to: https://example.com/
*   Trying 172.24.112.31...
* TCP_NODELAY set
* Connected to example.com (172.24.112.31) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
*   CAfile: /etc/ssl/certs/ca-certificates.crt
  CApath: none
} [5 bytes data]
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
} [221 bytes data]
* TLSv1.2 (IN), TLS handshake, Server hello (2):
{ [112 bytes data]
* TLSv1.2 (IN), TLS handshake, Certificate (11):
    { [2426 bytes data]
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
{ [300 bytes data]
* TLSv1.2 (IN), TLS handshake, Server finished (14):
{ [4 bytes data]
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
} [37 bytes data]
* TLSv1.2 (OUT), TLS change cipher, Client hello (1):
} [1 bytes data]
* TLSv1.2 (OUT), TLS handshake, Finished (20):
} [16 bytes data]
* TLSv1.2 (IN), TLS handshake, Finished (20):
{ [16 bytes data]
* SSL connection using TLSv1.2 / ECDHE-RSA-AES256-GCM-SHA384
* ALPN, server accepted to use http/1.1
* Server certificate:
*  subject: OU=Domain Control Validated; CN=*.example.com
*  start date: Jun  9 09:24:31 2016 GMT
*  expire date: Jun 10 09:24:31 2019 GMT
*  subjectAltName: host "example.com" matched cert's     "*.example.com"
*  issuer: C=BE; O=GlobalSign nv-sa; CN=GlobalSign Domain Validation CA - SHA256 - G2
*  SSL certificate verify ok.
} [5 bytes data]
> GET / HTTP/1.1
> Host: example.com
> User-Agent: curl/7.58.0
> Accept: */*
> 
{ [5 bytes data]
< HTTP/1.1 302 Found
< Date: Thu, 08 Mar 2018 08:54:23 GMT
< Server: Apache/2.4.29 (Ubuntu)
< Location: https://example.com
< Content-Length: 315
< Content-Type: text/html; charset=iso-8859-1
< 
{ [315 bytes data]
* Connection #0 to host example.com left intact

Below two lines are of my focus here,

* SSL connection using TLSv1.2 / ECDHE-RSA-AES256-GCM-SHA384
* ALPN, server accepted to use http/1.1

even though http2 is available it is not used by server but http1.1 is used. Please help me to understand this and configure http2 the right way.

Thanks!

Disaccharide answered 8/3, 2018 at 9:11 Comment(2)
this is an apache config matter, so you should probably show that instead of the curl invoke...Speakeasy
https://mcmap.net/q/1171092/-http-2-configuration-not-running-after-mod_http2-enabled-and-protocols-set-in-conf-file-duplicate This helped meVltava
D
23

I found solution over Internet and I am updating this to help people who encounter the same problem. when I examined the apache errorlog file, I found a warning that goes like...

[http2:warn] [pid 8494] AH10034: The mpm module (prefork.c) is not supported by mod_http2. The mpm determines how things are processed in your server. HTTP/2 has more demands in this regard and the currently selected mpm will just not do. This is an advisory warning. Your server will continue to work, but the HTTP/2 protocol will be inactive.

Then After an hour of googling, I came to know that this is an issue with the prefork module while configuring HTTP2.0 on apache. You can find more on this particular issue and a detailed steps to configure http2 at this location..

If you don't want to have any troubles while configuring http2 I hope this document will help you for sure.

I followed those steps and my problem was solved.

Disaccharide answered 8/3, 2018 at 13:38 Comment(0)

© 2022 - 2024 — McMap. All rights reserved.