You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Sven Schleier <sv...@vantagepoint.sg> on 2016/06/01 02:16:45 UTC
Tomcat 8.5.2 Beta and HTTP/2
Hi mailinglist,
I just want to play around with the new HTTP/2 implementation of Tomcat 8.5.2 Beta. The tomcat instance is up and running and the h2 support is activated, according to the log during startup:
01-Jun-2016 01:57:52.544 INFO [main] org.apache.coyote.http11.AbstractHttp11Protocol.configureUpgradeProtocol The ["https-openssl-apr-8443"] connector has been configured to support negotiation to [h2] via ALPN
But when I try to connect via nghttp (command line client for HTTP/2), it tells me that h2 is not available.
➜ apache-tomcat-8.5.2 nghttp -v https://127.0.0.1:8443<https://127.0.0.1:8443/>
[ 0.000] Connected
[ERROR] HTTP/2 protocol was not selected. (nghttp2 expects h2)
Some requests were not processed. total=1, processed=0
Here are the version details from Catalina log output during startup:
Server version: Apache Tomcat/8.5.2
Server number: 8.5.2.0
OS Version: 3.13.0-74-generic
JVM Version: 1.7.0_80-b15
Java Home: /usr/lib/jvm/java-7-oracle/jre
org.apache.catalina.core.AprLifecycleListener.initializeSSL OpenSSL successfully initialized (OpenSSL 1.0.2h 3 May 2016)
The server is running on Ubuntu 14.04 (AWS instance).
My Connector configuration looks like this:
<Connector port="8443" protocol="org.apache.coyote.http11.Http11AprProtocol"
maxThreads="150" SSLEnabled="true" >
<UpgradeProtocol className="org.apache.coyote.http2.Http2Protocol" />
<SSLHostConfig>
<Certificate certificateKeyFile="conf/server.key"
certificateFile="conf/server.crt"
type="RSA" />
</SSLHostConfig>
</Connector>
Any idea why I cannot connect via HTTP/2?
Thanks and cheers,
Sven
Sven Schleier | Senior Security Consultant
M: +65 9628 2082 | E: sven@vantagepoint.sg<ma...@vantagepoint.sg>
[cid:image001.png@01D1BBEE.B1D93DF0]
Vantage Point Security Pte. Ltd.
61 Ubi Road 1 | Unit 02 08-09 | Oxley Bizhub | Singapore 408727
Re: Tomcat 8.5.2 Beta and HTTP/2
Posted by Sven Schleier <sv...@vantagepoint.sg>.
Hi Chris,
When I use curl, I also get the same response via HTTP, not HTTP/2.
curl --http2 -k -v -g -6 https://\[::1\]:8443
I think I leave it for now. But thanks for your support.
Cheers,
Sven
On 7/6/16, 3:01 AM, "Christopher Schultz" <ch...@christopherschultz.net> wrote:
>-----BEGIN PGP SIGNED MESSAGE-----
>Hash: SHA1
>
>Sven,
>
>On 6/6/16 9:34 AM, Sven Schleier wrote:
>> Hi Mark,
>>
>> Thanks for this hint. My Tomcat is actually reachable from external
>> via HTTP/2. When I try to connect via the official domain I can
>> connect via HTTP/2 over SSL (h2), but not locally via localhost.
>> Tomcat is listening on all interfaces, and HTTP connections on
>> localhost are working, but not HTTP/2.
>>
>> Any idea why I HTTP/2 is not available on localhost?
>
>IPv4 vs. IPv6?
>
>I'm grasping at straws at this point.
>
>- -chris
>-----BEGIN PGP SIGNATURE-----
>Comment: GPGTools - http://gpgtools.org
>Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
>
>iEYEARECAAYFAldVyGwACgkQ9CaO5/Lv0PBmawCffKUn0YQXfXa1FcNG9u67+cLf
>absAoLPHMEJjTEcNl1ZwQYfV+O9EiURW
>=V6AU
>-----END PGP SIGNATURE-----
>
>---------------------------------------------------------------------
>To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>For additional commands, e-mail: users-help@tomcat.apache.org
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Tomcat 8.5.2 Beta and HTTP/2
Posted by Christopher Schultz <ch...@christopherschultz.net>.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Sven,
On 6/6/16 9:34 AM, Sven Schleier wrote:
> Hi Mark,
>
> Thanks for this hint. My Tomcat is actually reachable from external
> via HTTP/2. When I try to connect via the official domain I can
> connect via HTTP/2 over SSL (h2), but not locally via localhost.
> Tomcat is listening on all interfaces, and HTTP connections on
> localhost are working, but not HTTP/2.
>
> Any idea why I HTTP/2 is not available on localhost?
IPv4 vs. IPv6?
I'm grasping at straws at this point.
- -chris
-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iEYEARECAAYFAldVyGwACgkQ9CaO5/Lv0PBmawCffKUn0YQXfXa1FcNG9u67+cLf
absAoLPHMEJjTEcNl1ZwQYfV+O9EiURW
=V6AU
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Tomcat 8.5.2 Beta and HTTP/2
Posted by Sven Schleier <sv...@vantagepoint.sg>.
Thanks for helping out Mark. If I have some time I will dig deeper into the issue, for now it’s ok.
On 6/6/16, 9:51 PM, "Mark Thomas" <ma...@apache.org> wrote:
>On 06/06/2016 14:34, Sven Schleier wrote:
>> Hi Mark,
>>
>> Thanks for this hint. My Tomcat is actually reachable from external via HTTP/2. When I try to connect via the official domain I can connect via HTTP/2 over SSL (h2), but not locally via localhost. Tomcat is listening on all interfaces, and HTTP connections on localhost are working, but not HTTP/2.
>>
>> Any idea why I HTTP/2 is not available on localhost?
>
>Sorry, none. Most of the HTTP/2 development testing was done connecting
>to localhost and I don't recall any issues.
>
>> There are also no logs generated when trying to connect via HTTP/2 on localhost.
>
>That usually means something went wrong during the HTTP/2 handshake.
>Time to fire up tcpdump / Wireshark.
>
>Mark
>
>
>>
>> Thanks and cheers,
>>
>> Sven
>>
>>
>> On 3/6/16, 4:22 PM, "Mark Thomas" <ma...@apache.org> wrote:
>>
>>> On 02/06/2016 01:23, Sven Schleier wrote:
>>>> True, you are right. Do you have any suggestion or sample configuration that should work you can share, or anyone else?
>>>
>>> https://www.youtube.com/watch?v=oCFwgMvouis
>>>
>>> You can use 8.5.x where you see 9.0.x.
>>>
>>> Setting
>>> org.apache.coyote.http2.level = FINE
>>> in logging.properties will show you what is going on.
>>>
>>> Mark
>>>
>>>
>>>>
>>>>
>>>> On 1/6/16, 9:13 PM, "Mark Thomas" <ma...@apache.org> wrote:
>>>>
>>>>> On 01/06/2016 14:07, Sven Schleier wrote:
>>>>>> Yes. That’s possible. I am just missing the “HTTP/1.1 101 Switching Protocols” so it’s not switching to HTTP/2.
>>>>>
>>>>> You'll only get that if you try to use HTTP/2 over a non-TLS channel.
>>>>>
>>>>> When using TLS, ALPN is used to negotiate the protocol.
>>>>>
>>>>> Mark
>>>>>
>>>>>
>>>>>>
>>>>>>
>>>>>> On 1/6/16, 7:04 PM, "Mark Thomas" <ma...@apache.org> wrote:
>>>>>>
>>>>>>> On 01/06/2016 03:16, Sven Schleier wrote:
>>>>>>>> Hi mailinglist,
>>>>>>>>
>>>>>>>> I just want to play around with the new HTTP/2 implementation of Tomcat
>>>>>>>> 8.5.2 Beta. The tomcat instance is up and running and the h2 support is
>>>>>>>> activated, according to the log during startup:
>>>>>>>>
>>>>>>>> 01-Jun-2016 01:57:52.544 INFO [main]
>>>>>>>> org.apache.coyote.http11.AbstractHttp11Protocol.configureUpgradeProtocol
>>>>>>>> The ["https-openssl-apr-8443"] connector has been configured to support
>>>>>>>> negotiation to [h2] via ALPN
>>>>>>>>
>>>>>>>>
>>>>>>>> But when I try to connect via nghttp (command line client for HTTP/2),
>>>>>>>> it tells me that h2 is not available.
>>>>>>>>
>>>>>>>> ➜ apache-tomcat-8.5.2 nghttp -v https://127.0.0.1:8443
>>>>>>>> <https://127.0.0.1:8443/>
>>>>>>>
>>>>>>> Can you connect via https + HTTP/1.1
>>>>>>>
>>>>>>> Mark
>>>>>>>
>>>>>>>
>>>>>>> ---------------------------------------------------------------------
>>>>>>> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>>>>>>> For additional commands, e-mail: users-help@tomcat.apache.org
>>>>>>>
>>>>>>
>>>>>>
>>>>>> ---------------------------------------------------------------------
>>>>>> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>>>>>> For additional commands, e-mail: users-help@tomcat.apache.org
>>>>>>
>>>>>
>>>>>
>>>>> ---------------------------------------------------------------------
>>>>> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>>>>> For additional commands, e-mail: users-help@tomcat.apache.org
>>>>>
>>>>
>>>>
>>>> ---------------------------------------------------------------------
>>>> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>>>> For additional commands, e-mail: users-help@tomcat.apache.org
>>>>
>>>
>>>
>>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>>> For additional commands, e-mail: users-help@tomcat.apache.org
>>>
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>> For additional commands, e-mail: users-help@tomcat.apache.org
>>
>
>
>---------------------------------------------------------------------
>To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>For additional commands, e-mail: users-help@tomcat.apache.org
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Tomcat 8.5.2 Beta and HTTP/2
Posted by Mark Thomas <ma...@apache.org>.
On 06/06/2016 14:34, Sven Schleier wrote:
> Hi Mark,
>
> Thanks for this hint. My Tomcat is actually reachable from external via HTTP/2. When I try to connect via the official domain I can connect via HTTP/2 over SSL (h2), but not locally via localhost. Tomcat is listening on all interfaces, and HTTP connections on localhost are working, but not HTTP/2.
>
> Any idea why I HTTP/2 is not available on localhost?
Sorry, none. Most of the HTTP/2 development testing was done connecting
to localhost and I don't recall any issues.
> There are also no logs generated when trying to connect via HTTP/2 on localhost.
That usually means something went wrong during the HTTP/2 handshake.
Time to fire up tcpdump / Wireshark.
Mark
>
> Thanks and cheers,
>
> Sven
>
>
> On 3/6/16, 4:22 PM, "Mark Thomas" <ma...@apache.org> wrote:
>
>> On 02/06/2016 01:23, Sven Schleier wrote:
>>> True, you are right. Do you have any suggestion or sample configuration that should work you can share, or anyone else?
>>
>> https://www.youtube.com/watch?v=oCFwgMvouis
>>
>> You can use 8.5.x where you see 9.0.x.
>>
>> Setting
>> org.apache.coyote.http2.level = FINE
>> in logging.properties will show you what is going on.
>>
>> Mark
>>
>>
>>>
>>>
>>> On 1/6/16, 9:13 PM, "Mark Thomas" <ma...@apache.org> wrote:
>>>
>>>> On 01/06/2016 14:07, Sven Schleier wrote:
>>>>> Yes. That\u2019s possible. I am just missing the \u201cHTTP/1.1 101 Switching Protocols\u201d so it\u2019s not switching to HTTP/2.
>>>>
>>>> You'll only get that if you try to use HTTP/2 over a non-TLS channel.
>>>>
>>>> When using TLS, ALPN is used to negotiate the protocol.
>>>>
>>>> Mark
>>>>
>>>>
>>>>>
>>>>>
>>>>> On 1/6/16, 7:04 PM, "Mark Thomas" <ma...@apache.org> wrote:
>>>>>
>>>>>> On 01/06/2016 03:16, Sven Schleier wrote:
>>>>>>> Hi mailinglist,
>>>>>>>
>>>>>>> I just want to play around with the new HTTP/2 implementation of Tomcat
>>>>>>> 8.5.2 Beta. The tomcat instance is up and running and the h2 support is
>>>>>>> activated, according to the log during startup:
>>>>>>>
>>>>>>> 01-Jun-2016 01:57:52.544 INFO [main]
>>>>>>> org.apache.coyote.http11.AbstractHttp11Protocol.configureUpgradeProtocol
>>>>>>> The ["https-openssl-apr-8443"] connector has been configured to support
>>>>>>> negotiation to [h2] via ALPN
>>>>>>>
>>>>>>>
>>>>>>> But when I try to connect via nghttp (command line client for HTTP/2),
>>>>>>> it tells me that h2 is not available.
>>>>>>>
>>>>>>> \u279c apache-tomcat-8.5.2 nghttp -v https://127.0.0.1:8443
>>>>>>> <https://127.0.0.1:8443/>
>>>>>>
>>>>>> Can you connect via https + HTTP/1.1
>>>>>>
>>>>>> Mark
>>>>>>
>>>>>>
>>>>>> ---------------------------------------------------------------------
>>>>>> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>>>>>> For additional commands, e-mail: users-help@tomcat.apache.org
>>>>>>
>>>>>
>>>>>
>>>>> ---------------------------------------------------------------------
>>>>> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>>>>> For additional commands, e-mail: users-help@tomcat.apache.org
>>>>>
>>>>
>>>>
>>>> ---------------------------------------------------------------------
>>>> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>>>> For additional commands, e-mail: users-help@tomcat.apache.org
>>>>
>>>
>>>
>>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>>> For additional commands, e-mail: users-help@tomcat.apache.org
>>>
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>> For additional commands, e-mail: users-help@tomcat.apache.org
>>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Tomcat 8.5.2 Beta and HTTP/2
Posted by Sven Schleier <sv...@vantagepoint.sg>.
Hi Mark,
Thanks for this hint. My Tomcat is actually reachable from external via HTTP/2. When I try to connect via the official domain I can connect via HTTP/2 over SSL (h2), but not locally via localhost. Tomcat is listening on all interfaces, and HTTP connections on localhost are working, but not HTTP/2.
Any idea why I HTTP/2 is not available on localhost?
There are also no logs generated when trying to connect via HTTP/2 on localhost.
Thanks and cheers,
Sven
On 3/6/16, 4:22 PM, "Mark Thomas" <ma...@apache.org> wrote:
>On 02/06/2016 01:23, Sven Schleier wrote:
>> True, you are right. Do you have any suggestion or sample configuration that should work you can share, or anyone else?
>
>https://www.youtube.com/watch?v=oCFwgMvouis
>
>You can use 8.5.x where you see 9.0.x.
>
>Setting
>org.apache.coyote.http2.level = FINE
>in logging.properties will show you what is going on.
>
>Mark
>
>
>>
>>
>> On 1/6/16, 9:13 PM, "Mark Thomas" <ma...@apache.org> wrote:
>>
>>> On 01/06/2016 14:07, Sven Schleier wrote:
>>>> Yes. That’s possible. I am just missing the “HTTP/1.1 101 Switching Protocols” so it’s not switching to HTTP/2.
>>>
>>> You'll only get that if you try to use HTTP/2 over a non-TLS channel.
>>>
>>> When using TLS, ALPN is used to negotiate the protocol.
>>>
>>> Mark
>>>
>>>
>>>>
>>>>
>>>> On 1/6/16, 7:04 PM, "Mark Thomas" <ma...@apache.org> wrote:
>>>>
>>>>> On 01/06/2016 03:16, Sven Schleier wrote:
>>>>>> Hi mailinglist,
>>>>>>
>>>>>> I just want to play around with the new HTTP/2 implementation of Tomcat
>>>>>> 8.5.2 Beta. The tomcat instance is up and running and the h2 support is
>>>>>> activated, according to the log during startup:
>>>>>>
>>>>>> 01-Jun-2016 01:57:52.544 INFO [main]
>>>>>> org.apache.coyote.http11.AbstractHttp11Protocol.configureUpgradeProtocol
>>>>>> The ["https-openssl-apr-8443"] connector has been configured to support
>>>>>> negotiation to [h2] via ALPN
>>>>>>
>>>>>>
>>>>>> But when I try to connect via nghttp (command line client for HTTP/2),
>>>>>> it tells me that h2 is not available.
>>>>>>
>>>>>> ➜ apache-tomcat-8.5.2 nghttp -v https://127.0.0.1:8443
>>>>>> <https://127.0.0.1:8443/>
>>>>>
>>>>> Can you connect via https + HTTP/1.1
>>>>>
>>>>> Mark
>>>>>
>>>>>
>>>>> ---------------------------------------------------------------------
>>>>> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>>>>> For additional commands, e-mail: users-help@tomcat.apache.org
>>>>>
>>>>
>>>>
>>>> ---------------------------------------------------------------------
>>>> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>>>> For additional commands, e-mail: users-help@tomcat.apache.org
>>>>
>>>
>>>
>>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>>> For additional commands, e-mail: users-help@tomcat.apache.org
>>>
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>> For additional commands, e-mail: users-help@tomcat.apache.org
>>
>
>
>---------------------------------------------------------------------
>To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>For additional commands, e-mail: users-help@tomcat.apache.org
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Tomcat 8.5.2 Beta and HTTP/2
Posted by Mark Thomas <ma...@apache.org>.
On 02/06/2016 01:23, Sven Schleier wrote:
> True, you are right. Do you have any suggestion or sample configuration that should work you can share, or anyone else?
https://www.youtube.com/watch?v=oCFwgMvouis
You can use 8.5.x where you see 9.0.x.
Setting
org.apache.coyote.http2.level = FINE
in logging.properties will show you what is going on.
Mark
>
>
> On 1/6/16, 9:13 PM, "Mark Thomas" <ma...@apache.org> wrote:
>
>> On 01/06/2016 14:07, Sven Schleier wrote:
>>> Yes. That\u2019s possible. I am just missing the \u201cHTTP/1.1 101 Switching Protocols\u201d so it\u2019s not switching to HTTP/2.
>>
>> You'll only get that if you try to use HTTP/2 over a non-TLS channel.
>>
>> When using TLS, ALPN is used to negotiate the protocol.
>>
>> Mark
>>
>>
>>>
>>>
>>> On 1/6/16, 7:04 PM, "Mark Thomas" <ma...@apache.org> wrote:
>>>
>>>> On 01/06/2016 03:16, Sven Schleier wrote:
>>>>> Hi mailinglist,
>>>>>
>>>>> I just want to play around with the new HTTP/2 implementation of Tomcat
>>>>> 8.5.2 Beta. The tomcat instance is up and running and the h2 support is
>>>>> activated, according to the log during startup:
>>>>>
>>>>> 01-Jun-2016 01:57:52.544 INFO [main]
>>>>> org.apache.coyote.http11.AbstractHttp11Protocol.configureUpgradeProtocol
>>>>> The ["https-openssl-apr-8443"] connector has been configured to support
>>>>> negotiation to [h2] via ALPN
>>>>>
>>>>>
>>>>> But when I try to connect via nghttp (command line client for HTTP/2),
>>>>> it tells me that h2 is not available.
>>>>>
>>>>> \u279c apache-tomcat-8.5.2 nghttp -v https://127.0.0.1:8443
>>>>> <https://127.0.0.1:8443/>
>>>>
>>>> Can you connect via https + HTTP/1.1
>>>>
>>>> Mark
>>>>
>>>>
>>>> ---------------------------------------------------------------------
>>>> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>>>> For additional commands, e-mail: users-help@tomcat.apache.org
>>>>
>>>
>>>
>>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>>> For additional commands, e-mail: users-help@tomcat.apache.org
>>>
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>> For additional commands, e-mail: users-help@tomcat.apache.org
>>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Tomcat 8.5.2 Beta and HTTP/2
Posted by Sven Schleier <sv...@vantagepoint.sg>.
Hi Chris,
➜ apache-tomcat-8.5.2 nghttp -vvvvv https://127,0.0.1:8443
[ 0.000] Connected
[ERROR] HTTP/2 protocol was not selected. (nghttp2 expects h2)
Some requests were not processed. total=1, processed=0
I am not getting more information. Same behavior with hostname
Thanks and cheers,
Sven
On 3/6/16, 5:14 AM, "Christopher Schultz" <ch...@christopherschultz.net> wrote:
>-----BEGIN PGP SIGNED MESSAGE-----
>Hash: SHA256
>
>Sven,
>
>On 6/1/16 8:23 PM, Sven Schleier wrote:
>> True, you are right. Do you have any suggestion or sample
>> configuration that should work you can share, or anyone else?
>
>$ nghttp -vvvvv https://127.0.0.1:8443/
>
>??
>
>What if you use the hostname of the machine instead of the IP address?
>
>- -chris
>
>> On 1/6/16, 9:13 PM, "Mark Thomas" <ma...@apache.org> wrote:
>>
>>> On 01/06/2016 14:07, Sven Schleier wrote:
>>>> Yes. That’s possible. I am just missing the “HTTP/1.1 101
>>>> Switching Protocols” so it’s not switching to HTTP/2.
>>>
>>> You'll only get that if you try to use HTTP/2 over a non-TLS
>>> channel.
>>>
>>> When using TLS, ALPN is used to negotiate the protocol.
>>>
>>> Mark
>>>
>>>
>>>>
>>>>
>>>> On 1/6/16, 7:04 PM, "Mark Thomas" <ma...@apache.org> wrote:
>>>>
>>>>> On 01/06/2016 03:16, Sven Schleier wrote:
>>>>>> Hi mailinglist,
>>>>>>
>>>>>> I just want to play around with the new HTTP/2
>>>>>> implementation of Tomcat 8.5.2 Beta. The tomcat instance is
>>>>>> up and running and the h2 support is activated, according
>>>>>> to the log during startup:
>>>>>>
>>>>>> 01-Jun-2016 01:57:52.544 INFO [main]
>>>>>> org.apache.coyote.http11.AbstractHttp11Protocol.configureUpgradePr
>otocol
>>>>>>
>>>>>>
>The ["https-openssl-apr-8443"] connector has been configured to support
>>>>>> negotiation to [h2] via ALPN
>>>>>>
>>>>>>
>>>>>> But when I try to connect via nghttp (command line client
>>>>>> for HTTP/2), it tells me that h2 is not available.
>>>>>>
>>>>>> ➜ apache-tomcat-8.5.2 nghttp -v https://127.0.0.1:8443
>>>>>> <https://127.0.0.1:8443/>
>>>>>
>>>>> Can you connect via https + HTTP/1.1
>>>>>
>>>>> Mark
>>>>>
>>>>>
>>>>> -------------------------------------------------------------------
>- --
>>>>>
>>>>>
>To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>>>>> For additional commands, e-mail:
>>>>> users-help@tomcat.apache.org
>>>>>
>>>>
>>>>
>>>> --------------------------------------------------------------------
>- -
>>>>
>>>>
>To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>>>> For additional commands, e-mail: users-help@tomcat.apache.org
>>>>
>>>
>>>
>>> ---------------------------------------------------------------------
>>>
>>>
>To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>>> For additional commands, e-mail: users-help@tomcat.apache.org
>>>
>>
>>
>> ---------------------------------------------------------------------
>>
>>
>To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>> For additional commands, e-mail: users-help@tomcat.apache.org
>>
>-----BEGIN PGP SIGNATURE-----
>Comment: GPGTools - http://gpgtools.org
>Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
>
>iQIcBAEBCAAGBQJXUKGoAAoJEBzwKT+lPKRYc74QAI7Dejl+7A3NbioSF5kdK/gz
>rmCj04+ni19aiB1Tsn7AuHoVQDB7fGd9AafC3qTHo0tr3BlKHDPHzlaNk61iwElD
>R4apbbXxDfnFZCnBAulLlFGXcYjJz7XJ2yNAOa1wLChhOmVV+HZmtI8z/HfenDFu
>lTFb6V+/NZOV3Si2kYuc8UmzOdo7claa7LuCZLPKzYp0KPMEW98xY3rQFXWE6VXG
>5A4gME4hB3nXc90JztDKjCVZClrM/GwDJ2IYJlW1foYLKFfRuE+eR3Cny72+41DU
>LtoMrl6Zg1tX75OneNroHU/MUB7Kec3hYanolCXVMxlyk8vjvY+WLglWCzyVtDNB
>/xazJDse7x98KntFjNWGZmWNu0dQFBXGvrLzFh49IKgyfqq+f4n4TD8nmz3kMWEI
>YllV2MWV3sh15XNQ2JkB7FOxxdQzKViSwncUclVQJpIVF7lB0AB09idcwkY4mm6E
>0mzBAGuAZ/Orf32Q0MP5+f6584YFpC8jV2+DHb1kxVu1mpXzDmp34jJ8yrYQlSEA
>rTG6zYUXE9nrJlLWliNOSJSNXW6AcLpDuGrSEqLlFgmvhlR/wURLjmEydu0Ln2tO
>g6FXzWh1qGd7uq3d9GkdMYMc32MetR3Vnkxh7gsWjzUTZrqX05sRx+3d8paman2Q
>O6Tq0FIbMLL9FopoPh96
>=6s4p
>-----END PGP SIGNATURE-----
>
>---------------------------------------------------------------------
>To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>For additional commands, e-mail: users-help@tomcat.apache.org
>
Re: Tomcat 8.5.2 Beta and HTTP/2
Posted by Christopher Schultz <ch...@christopherschultz.net>.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Sven,
On 6/1/16 8:23 PM, Sven Schleier wrote:
> True, you are right. Do you have any suggestion or sample
> configuration that should work you can share, or anyone else?
$ nghttp -vvvvv https://127.0.0.1:8443/
??
What if you use the hostname of the machine instead of the IP address?
- -chris
> On 1/6/16, 9:13 PM, "Mark Thomas" <ma...@apache.org> wrote:
>
>> On 01/06/2016 14:07, Sven Schleier wrote:
>>> Yes. That\u2019s possible. I am just missing the \u201cHTTP/1.1 101
>>> Switching Protocols\u201d so it\u2019s not switching to HTTP/2.
>>
>> You'll only get that if you try to use HTTP/2 over a non-TLS
>> channel.
>>
>> When using TLS, ALPN is used to negotiate the protocol.
>>
>> Mark
>>
>>
>>>
>>>
>>> On 1/6/16, 7:04 PM, "Mark Thomas" <ma...@apache.org> wrote:
>>>
>>>> On 01/06/2016 03:16, Sven Schleier wrote:
>>>>> Hi mailinglist,
>>>>>
>>>>> I just want to play around with the new HTTP/2
>>>>> implementation of Tomcat 8.5.2 Beta. The tomcat instance is
>>>>> up and running and the h2 support is activated, according
>>>>> to the log during startup:
>>>>>
>>>>> 01-Jun-2016 01:57:52.544 INFO [main]
>>>>> org.apache.coyote.http11.AbstractHttp11Protocol.configureUpgradePr
otocol
>>>>>
>>>>>
The ["https-openssl-apr-8443"] connector has been configured to support
>>>>> negotiation to [h2] via ALPN
>>>>>
>>>>>
>>>>> But when I try to connect via nghttp (command line client
>>>>> for HTTP/2), it tells me that h2 is not available.
>>>>>
>>>>> \u279c apache-tomcat-8.5.2 nghttp -v https://127.0.0.1:8443
>>>>> <https://127.0.0.1:8443/>
>>>>
>>>> Can you connect via https + HTTP/1.1
>>>>
>>>> Mark
>>>>
>>>>
>>>> -------------------------------------------------------------------
- --
>>>>
>>>>
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>>>> For additional commands, e-mail:
>>>> users-help@tomcat.apache.org
>>>>
>>>
>>>
>>> --------------------------------------------------------------------
- -
>>>
>>>
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>>> For additional commands, e-mail: users-help@tomcat.apache.org
>>>
>>
>>
>> ---------------------------------------------------------------------
>>
>>
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>> For additional commands, e-mail: users-help@tomcat.apache.org
>>
>
>
> ---------------------------------------------------------------------
>
>
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iQIcBAEBCAAGBQJXUKGoAAoJEBzwKT+lPKRYc74QAI7Dejl+7A3NbioSF5kdK/gz
rmCj04+ni19aiB1Tsn7AuHoVQDB7fGd9AafC3qTHo0tr3BlKHDPHzlaNk61iwElD
R4apbbXxDfnFZCnBAulLlFGXcYjJz7XJ2yNAOa1wLChhOmVV+HZmtI8z/HfenDFu
lTFb6V+/NZOV3Si2kYuc8UmzOdo7claa7LuCZLPKzYp0KPMEW98xY3rQFXWE6VXG
5A4gME4hB3nXc90JztDKjCVZClrM/GwDJ2IYJlW1foYLKFfRuE+eR3Cny72+41DU
LtoMrl6Zg1tX75OneNroHU/MUB7Kec3hYanolCXVMxlyk8vjvY+WLglWCzyVtDNB
/xazJDse7x98KntFjNWGZmWNu0dQFBXGvrLzFh49IKgyfqq+f4n4TD8nmz3kMWEI
YllV2MWV3sh15XNQ2JkB7FOxxdQzKViSwncUclVQJpIVF7lB0AB09idcwkY4mm6E
0mzBAGuAZ/Orf32Q0MP5+f6584YFpC8jV2+DHb1kxVu1mpXzDmp34jJ8yrYQlSEA
rTG6zYUXE9nrJlLWliNOSJSNXW6AcLpDuGrSEqLlFgmvhlR/wURLjmEydu0Ln2tO
g6FXzWh1qGd7uq3d9GkdMYMc32MetR3Vnkxh7gsWjzUTZrqX05sRx+3d8paman2Q
O6Tq0FIbMLL9FopoPh96
=6s4p
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Tomcat 8.5.2 Beta and HTTP/2
Posted by Sven Schleier <sv...@vantagepoint.sg>.
True, you are right. Do you have any suggestion or sample configuration that should work you can share, or anyone else?
On 1/6/16, 9:13 PM, "Mark Thomas" <ma...@apache.org> wrote:
>On 01/06/2016 14:07, Sven Schleier wrote:
>> Yes. That’s possible. I am just missing the “HTTP/1.1 101 Switching Protocols” so it’s not switching to HTTP/2.
>
>You'll only get that if you try to use HTTP/2 over a non-TLS channel.
>
>When using TLS, ALPN is used to negotiate the protocol.
>
>Mark
>
>
>>
>>
>> On 1/6/16, 7:04 PM, "Mark Thomas" <ma...@apache.org> wrote:
>>
>>> On 01/06/2016 03:16, Sven Schleier wrote:
>>>> Hi mailinglist,
>>>>
>>>> I just want to play around with the new HTTP/2 implementation of Tomcat
>>>> 8.5.2 Beta. The tomcat instance is up and running and the h2 support is
>>>> activated, according to the log during startup:
>>>>
>>>> 01-Jun-2016 01:57:52.544 INFO [main]
>>>> org.apache.coyote.http11.AbstractHttp11Protocol.configureUpgradeProtocol
>>>> The ["https-openssl-apr-8443"] connector has been configured to support
>>>> negotiation to [h2] via ALPN
>>>>
>>>>
>>>> But when I try to connect via nghttp (command line client for HTTP/2),
>>>> it tells me that h2 is not available.
>>>>
>>>> ➜ apache-tomcat-8.5.2 nghttp -v https://127.0.0.1:8443
>>>> <https://127.0.0.1:8443/>
>>>
>>> Can you connect via https + HTTP/1.1
>>>
>>> Mark
>>>
>>>
>>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>>> For additional commands, e-mail: users-help@tomcat.apache.org
>>>
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>> For additional commands, e-mail: users-help@tomcat.apache.org
>>
>
>
>---------------------------------------------------------------------
>To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>For additional commands, e-mail: users-help@tomcat.apache.org
>
Re: Tomcat 8.5.2 Beta and HTTP/2
Posted by Mark Thomas <ma...@apache.org>.
On 01/06/2016 14:07, Sven Schleier wrote:
> Yes. That\u2019s possible. I am just missing the \u201cHTTP/1.1 101 Switching Protocols\u201d so it\u2019s not switching to HTTP/2.
You'll only get that if you try to use HTTP/2 over a non-TLS channel.
When using TLS, ALPN is used to negotiate the protocol.
Mark
>
>
> On 1/6/16, 7:04 PM, "Mark Thomas" <ma...@apache.org> wrote:
>
>> On 01/06/2016 03:16, Sven Schleier wrote:
>>> Hi mailinglist,
>>>
>>> I just want to play around with the new HTTP/2 implementation of Tomcat
>>> 8.5.2 Beta. The tomcat instance is up and running and the h2 support is
>>> activated, according to the log during startup:
>>>
>>> 01-Jun-2016 01:57:52.544 INFO [main]
>>> org.apache.coyote.http11.AbstractHttp11Protocol.configureUpgradeProtocol
>>> The ["https-openssl-apr-8443"] connector has been configured to support
>>> negotiation to [h2] via ALPN
>>>
>>>
>>> But when I try to connect via nghttp (command line client for HTTP/2),
>>> it tells me that h2 is not available.
>>>
>>> \u279c apache-tomcat-8.5.2 nghttp -v https://127.0.0.1:8443
>>> <https://127.0.0.1:8443/>
>>
>> Can you connect via https + HTTP/1.1
>>
>> Mark
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>> For additional commands, e-mail: users-help@tomcat.apache.org
>>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Tomcat 8.5.2 Beta and HTTP/2
Posted by Sven Schleier <sv...@vantagepoint.sg>.
Yes. That’s possible. I am just missing the “HTTP/1.1 101 Switching Protocols” so it’s not switching to HTTP/2.
On 1/6/16, 7:04 PM, "Mark Thomas" <ma...@apache.org> wrote:
>On 01/06/2016 03:16, Sven Schleier wrote:
>> Hi mailinglist,
>>
>> I just want to play around with the new HTTP/2 implementation of Tomcat
>> 8.5.2 Beta. The tomcat instance is up and running and the h2 support is
>> activated, according to the log during startup:
>>
>> 01-Jun-2016 01:57:52.544 INFO [main]
>> org.apache.coyote.http11.AbstractHttp11Protocol.configureUpgradeProtocol
>> The ["https-openssl-apr-8443"] connector has been configured to support
>> negotiation to [h2] via ALPN
>>
>>
>> But when I try to connect via nghttp (command line client for HTTP/2),
>> it tells me that h2 is not available.
>>
>> ➜ apache-tomcat-8.5.2 nghttp -v https://127.0.0.1:8443
>> <https://127.0.0.1:8443/>
>
>Can you connect via https + HTTP/1.1
>
>Mark
>
>
>---------------------------------------------------------------------
>To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>For additional commands, e-mail: users-help@tomcat.apache.org
>
Re: Tomcat 8.5.2 Beta and HTTP/2
Posted by Mark Thomas <ma...@apache.org>.
On 01/06/2016 03:16, Sven Schleier wrote:
> Hi mailinglist,
>
> I just want to play around with the new HTTP/2 implementation of Tomcat
> 8.5.2 Beta. The tomcat instance is up and running and the h2 support is
> activated, according to the log during startup:
>
> 01-Jun-2016 01:57:52.544 INFO [main]
> org.apache.coyote.http11.AbstractHttp11Protocol.configureUpgradeProtocol
> The ["https-openssl-apr-8443"] connector has been configured to support
> negotiation to [h2] via ALPN
>
>
> But when I try to connect via nghttp (command line client for HTTP/2),
> it tells me that h2 is not available.
>
> \u279c apache-tomcat-8.5.2 nghttp -v https://127.0.0.1:8443
> <https://127.0.0.1:8443/>
Can you connect via https + HTTP/1.1
Mark
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org