Video - https://www.youtube.com/watch?v=Jw5vBlKLdmc
-
NGINX 1.9.5+ / NGINX Plus R7+ (
nginx -v) -
OpenSSL 1.0.2+ (
openssl version && openssl version -a) -
SSL/TLS Certificate (Let's Encrypt free option)
-
TLSv1.2 Protocol required - implementations of HTTP/2 MUST use TLS version 1.2 or higher for HTTP/2 over TLS.
-
TCP + TLS 1.2 + HTTP/2
nginx -V
./configure --with-http_v2_module --with-http_ssl_module
listen 443 ssl http2;
No Server Push yet...
$request ---> GET / HTTP/2.0
$http2 ---> h2, h2c, ""
wget https://nginx.org/keys/nginx_signing.key
apt-key add nginx_signing.key
printf "deb https://nginx.org/packages/mainline/ubuntu/ `lsb_release -sc` nginx \ndeb-src https://nginx.org/packages/mainline/ubuntu/ `lsb_release -sc` nginx \n" >> /etc/apt/sources.list.d/nginx_mainline.list
apt update
apt install -y nginxserver {
listen 80;
return 301 https://$host$request_uri;
}
server {
listen 443 ssl http2 default_server;
server_name example.com www.example.com;
root /path/to/public;
ssl_certificate /path/to/certificate.pem;
ssl_certificate_key /path/to/private_key.pem;
ssl_protocols TLSv1.2;
}
-
RFC 7540 published in 2015
-
HTTP/2 is binary protocol
-
HTTP/2 is backward compatible with HTTP/1.1
-
HTTP/2 is TLS only in Chrome, Firefox, Opera, EDGE & Safari
-
TLS 1.2 is enforced. If a server negotiates HTTP/2 with a lower TLS version, it is treated as a protocol error
-
HTTP/2 protocol is negotiated via NPN or ALPN
